Wouldn't the first thing a good hacker would do is to make sure he doesn't get cought? A good start would be to make it look like someone else did it, especially a entity that can't be checked or would cooperate to catch the actual hacker like the Russians or Chinese.
Yes, that's standard practice. Even hobbyists like me do it.
Also, any good hacker would be sure to leave behind multiple access paths. But maybe a professional hacker would refrain from dumping stuff, because that alerts the target. So the dump implies that they're not very professional.
It all depends on the goal right? In this case it seems the goal was to harm the company because they didn't pay ransom. Not to perform long term espionage.
