Hackers Steal and Threaten to Leak Reddit Data

According to CNN, the BlackCat ransomware gang is threatening to make 80 gigabytes of secret, stolen data from Reddit public. The ransomware group, known as ALPHV, allegedly obtained the data in a security breach back in February. Apparently, the timing of the demands is only a coincidence: One might assume the hackers attacked Reddit because of the company’s new pricing policy,
June 20, 2023
 / 
meritsolutions
 / 
Image

According to CNN, the BlackCat ransomware gang is threatening to make 80 gigabytes of secret, stolen data from Reddit public. The ransomware group, known as ALPHV, allegedly obtained the data in a security breach back in February.

Apparently, the timing of the demands is only a coincidence: One might assume the hackers attacked Reddit because of the company’s new pricing policy, which asks third-party apps to pay millions of dollars in fees for users accessing Reddit’s API. Some app makers say they cannot afford the changes, and are shutting down services at the end of the month, sparking protests from users on the site.

However, that doesn’t appear to be the case. BlackCat claims in a post on the dark web they simply wanted to be paid $4.5 million for the data they stole, saying they wanted Reddit to comply “for the deletion of the data and our silence” back in April. Reddit never responded, leading to group to switch tactics following the controversial new site policy: Now, BlackCat wants the $4.5 million, in addition to a retraction in that policy.

For Reddit’s part, a spokesperson told CNN the hackers are indeed referring to the data breach that occurred in February, but that no user data was accessed. The company will not comment further than that.

Does BlackCat actually care about the issues between Reddit, third-party apps, and its community? Likely no. It’s an example of a hacking group taking advantage of a popular online movement in order to pressure a company to give them money.

Share This

Leave a Reply



Sign Up for weekly MERIT Security Briefing

By signing up, you agree to our Privacy Policy.