Attackers send an email or a message via the company's contact form stating that the server has been hacked. A ransom is to be paid to prevent the case from becoming public.
Such emails or contact form messages claiming that the website has been hacked and that data has been leaked all have a similar structure and wording to so-called fake sextortion emails. This is a typical approach in fake blackmail, i.e. fake extortion. These forms of blackmail typically use the same bitcoin addresses. So if someone were to make a payment, it would be impossible for the blackmailers to find out which victim paid the ransom. The extortionists try their luck and send these emails in the hope that the recipients include people who are intimidated and thus persuaded to pay the ransom.