A cybercrime group is threatening to release internal data from Reddit unless the company agrees to pay a ransom and reverse its plans to increase prices for API access.
The ALPHV ransomware gang, commonly referred to as BlackCat, claimed in a Saturday post on the dark web that it had stolen 80GB of compressed data from Reddit back in February.
Reddit admitted at the time that “internal docs, code, as well as some internal dashboards and business systems” had been accessed by hackers after one of its employees was targeted with a phishing attack. Although BlackCat is a ransomware group, no files on Reddit’s systems were encrypted during the attack.
BlackCat, which is demanding $4.5 million in exchange for deleting Reddit’s data, claims Reddit ignored its attempts to contact the company on April 13 and June 16. Reddit’s recent drama over planned pricing changes for its API, which allows third-party developers to access and use Reddit’s data in apps of their own, also appears to have helped motivate the hackers.
“We are very confident that Reddit will not pay any money for their data,” the group wrote. “But I am very happy to know that the public will be able to read about all the statistics they track about their users and all the interesting confidential data we took.”
BlackCat thus far has not provided any samples of the alleged data. Reddit has declined to comment on whether it has spoken with the ransomware group or whether it has confirmed that they are behind the February breach.
Reddit stressed, however, that none of its production systems were breached and that no sensitive customer data such as passwords and credit card information was accessed.
Although BlackCat stated that it plans to release the data, it remains unclear if and when that release will take place.
Besides the alleged impending leak, Reddit is also dealing with protests from countless users and popular subreddits over the API pricing spike.
Last week, thousands of subreddits went dark by restricting access to non-members, a move aimed at crippling Reddit’s web traffic. And while countless subreddits remain locked, many have returned and instituted a policy of only allowing posts with pictures of comedian and late-night host John Oliver in further protest of the API policy.