Data Breach: Ransomware Group Threatens to Leak Data Stolen from Reddit

The BlackCat ransomware threat actors have taken credit for the February 2023 attack on social platform Reddit. The gang also known as ALPHV has threatened to leak the stolen 80GB data unless they’re paid the ransom of $4.5 million. The threat actors have also demanded the rollback of Reddit’s recently announced API pricing policy.

Dominic Alvieri, the cybersecurity researcher was the first one to spot BlackCat’s claim, as hackers behind the 5th February data breach attack on Reddit. The group shared a post named ‘The Reddit Files’ on their data leak blog site, where they not only claimed the cyberattack but shared details about their attempts to contact Reddit. They claim to have contacted the company twice and now are threatening to release the data as their demands are not being met.

At the time of the attack, Reddit’s CTO in a post had confirmed that in a highly-targeted phishing attack, unknown threat actors had gained access to its systems and stolen some internal documents, codes, dashboards and business systems.

The exposed data also included some advertisers’ information and past and current employee credentials. However, the hackers were unable to breach Reddit’s primary server, resulting in non-exposure of any user passwords, credit card information and account details. “We show no indications of breach of our primary production systems (the parts of our stack that run Reddit and store the majority of our data).”

On discovering the incident, the company immediately deployed containment measures to mitigate the threat. It not only removed the unauthorized access, but also launched an internal investigation. Moreover, they assured users of ongoing monitoring of the incident and strengthening their security systems to avoid similar attacks in the future.

Reddit also urged users to deploy simple, yet effective security measures like setting up a 2FA (two-factor authentication) and using a password manager. In the current times of cyberattacks and data breaches, a password manager helps secure online accounts including personal information and identity.