Someone else reported it too here:
https://bitcointalk.org/index.php?topic=1259678.0, And you should contact your local cyber crime division and let them know about this. You can read more suggestions on the same topic in that thread.
Don't pay them anything, there is no way to know whether they have any information or not in the first place and even if they do, there is no promise that they won't come back again and ask for more and they still might make the information public even after receiving the ransom.
Don't reply to them, just store the email as proof and report it to the local authorities is my suggestion.