Yeah... so... sorry to hear. At this point I'm sure your IT folks are freaking out and well into responding. It's up to your executives if they wish to involve the FBI / other feds, pay/not pay, etc. There is a lot of devil in the details, but this one is particularly nasty with their willingness to leak data, not just encrypt it. Without knowing the environment, data, etc., my suggestion would be to determine if the folks in house can handle it and, if not, retain an incident response team like Mandiant or SecureWorks, etc. If it's one system/set of systems, hopefully your backups are good and recent. Once you identify how it happened, you can restore from backups. If your prevention controls fail, that is the most prevalent way to restore business continuity in a ransomware situation. Hopefully your company has good incident response, business recovery and continuity plans. Working offline and NOT opening any phishy emails, questionable attachments, or clicking on funky links in email is a good strategy while IT eradicates, contains, and restores the rest. Hopefully, if it has a large impact, you have good Cyber Insurance as well.