- Hackers threaten to leak sensitive data stolen from Reddit unless ransom is paid and controversial API pricing changes are reversed.
- Ransomware group BlackCat claims responsibility for the intrusion in February and demands $4.5 million to remove the stolen data.
- The controversy surrounding Reddit’s API pricing has led to app shutdowns and protests from thousands of subreddits.
In the shadowy world of the web, a ransomware group known as BlackCat (also called ALPHV) has threatened Reddit with a leak of sensitive stolen data unless their demands are met, which includes reversing API pricing.
According to the post on its leak site, BlackCat claims to have obtained 80 gigabytes of compressed data during a security breach on Reddit’s systems in February.
Confirmation of the breach and details provided by Reddit
Gina Antonini, a spokesperson for Reddit, confirmed that BlackCat’s claims are related to a cyber incident that Reddit had previously confirmed on February 9.
At the time, Christopher Slowe (aka KeyserSosa), Reddit CTO, admitted that hackers had accessed employee information and internal documents using a sophisticated targeted phishing attack. Slowe stated that there was “no evidence” that personal user data, such as passwords and accounts, had been stolen. However, Reddit did not share any further details about the attack or those responsible.
BlackCat, over the weekend, claimed responsibility for the February hack and threatened to release “sensitive” data obtained during the incident.
Although the exact types of data that have been stolen have not been revealed, the hackers have not provided any evidence to support their claims of data theft.
Previous BlackCat Links and the Ransom Demand
BlackCat has also been linked to a March attack on Western Digital, where they stole 10 terabytes of data, including customer information. In the same month, the group threatened to leak data allegedly stolen from Ring, an Amazon-owned video surveillance company.
In a recent post titled “The Reddit Archives,” BlackCat reveals that he contacted Reddit on two occasions: on April 13 and June 16, but received no response.
The hackers stated that they would wait until Reddit’s IPO, but now see this as a perfect opportunity to take action. According to BlackCat, Reddit won’t pay for their data, so they are determined to leak it.
Hacker Lawsuits and API Pricing Controversy
The hackers demand a $4.5 million ransom to remove the stolen data and also request that Reddit reverse the API pricing changes.
These new pricing plans have generated a lot of controversy lately: Reddit’s popular third-party app Apollo announced its shutdown due to the new pricing, and thousands of subreddits shut down in protest of the new API policy, including r/music and r/ videos, indefinitely.
Notably, Reddit has experienced a more serious data breach in 2018, where attackers managed to access a complete copy of Reddit’s data from 2007, including usernames, encrypted passwords, emails, public posts, and private messages.
This latest data breach threat by BlackCat adds a new chapter to the history of Reddit security incidents. The company is in a delicate situation, since it must make strategic decisions to protect the confidentiality of its users and address the demand of hackers. Additionally, the API pricing changes have caused significant anger among the Reddit developer and user community, further complicating the situation.