Hackers are threatening to release confidential data stolen from Reddit unless the company pays a ransom demand – and reverses its controversial API price hikes.
In a post on its dark web leak site, the BlackCat ransomware gang, also known as ALPHV, claims to have stolen 80 gigabytes of compressed data from Reddit during a February breach of the company’s systems.
Reddit spokesperson Gina Antonini declined to answer TechCrunch’s questions but confirmed that BlackCat’s claims relate to a cyber incident confirmed by Reddit on February 9. At the time, Reddit CTO Christopher Slowe, or KeyserSosa, said that hackers had accessed employee information and internal documents during a “highly-targeted” phishing attack. Slowe added that the company had “no evidence” that personal user data, such as passwords and accounts, had been stolen.
Reddit didn’t share any further details about the attack or who was behind it. However, BlackCat over the weekend claimed responsibility for the February intrusion and threatened to leak “confidential” data stolen during the breach. It’s unclear exactly what types of data the hackers have stolen, and BlackCat hasn’t shared any evidence of data theft.
BlackCat was also linked to a March attack on Western Digital that saw hackers steal 10 terabytes of data from the company, including reams of customer information. That same month, the gang also threatened to leak data allegedly stolen from Amazon-owned video surveillance company Ring.
In a post published on Saturday, titled “The Reddit Files”, BlackCat says it contacted Reddit twice – once on April 13 and again on June 16 – but did not receive a response. “I told them in my first email that I would wait for their IPO to come along. But this seems like the perfect opportunity! We are very confident that Reddit will not pay any money for their data,” BlackCat wrote. “We expect to leak the data.”
The hackers say they are demanding $4.5 million in exchange for deleting the stolen data and for Reddit to withdraw its API pricing changes.
Reddit’s new API pricing plans have been the subject of much controversy in recent weeks: popular third-party Reddit app Apollo has announced it’s closing down as a result of the new pricing, and thousands of subreddits last week went dark in protest of the new API policy – some, including r/music and r/videos, indefinitely.
When asked by TechCrunch, Reddit declined to say whether it plans to respond to BlackCat’s demands.
Reddit experienced a more serious data breach in 2018 that saw attackers access a complete copy of Reddit data from 2007. This included usernames, hashed passwords, emails, public posts and private messages.