BlackCat ransomware gang, also known as ALPHV, a notorious group of hackers linked to many high-profile data breaches has issued a threat to Reddit, one of the world’s largest social media platforms.
The hackers claim to have stolen 80 gigabytes of compressed data during a breach of Reddit’s systems in February and are now demanding a ransom payment and the reversal of controversial API price hikes, or else they will release the confidential data to the public.
The breach, confirmed by Reddit on February 9, was a result of a highly-targeted phishing attack, according to Reddit CTO Christopher Slowe, who goes by the online alias KeyserSosa.
At that time, it was revealed that the hackers had gained access to employee information and internal documents. However, there was no evidence to suggest that personal user data, such as passwords and accounts, had been compromised.
Reddit spokesperson Gina Antonini has confirmed that the claims made by BlackCat are related to the cyber incident in February. Antonini declined to provide further details regarding the attack or the identity of the perpetrators. It is still unclear what specific types of data were stolen during the breach, and the hackers have not provided any evidence for their claims.
BlackCat, known for its involvement in various cyberattacks, including a recent breach of Western Digital in March and a threat to leak data from Ring, an Amazon-owned video surveillance company, has now taken responsibility for the Reddit intrusion.
In a post titled The Reddit Files, the hackers state that they contacted Reddit twice, but received no response. BlackCat mentions demanding $4.5 million in exchange for deleting the stolen data and requesting Reddit to roll back its API pricing changes.
The recent controversy surrounding Reddit’s new API pricing plans has caused a stir within the Reddit community. Third-party Reddit app Apollo has already announced its closure due to the new pricing structure, while numerous subreddits, including r/music and r/videos, have gone dark indefinitely in protest of the new API policy.
When questioned about its stance on BlackCat’s demands, Reddit has chosen not to disclose its response.
It is worth noting that Reddit previously experienced another significant data breach in 2018, where attackers obtained a complete copy of Reddit data dating back to 2007. The stolen information included usernames, hashed passwords, emails, public posts, and private messages.
As the deadline set by BlackCat approaches, Reddit faces a critical decision. The company must carefully evaluate its options, weighing the potential consequences of paying the ransom against the possibility of having confidential data exposed to the public. The outcome of this situation will undoubtedly have far-reaching implications for Reddit and its millions of users worldwide.