Reddit hacked by BlackCat ransomware group
Reddit has revealed that it was attacked in February 2023 by the BlackCat ransomware organization. According to the gang, they grabbed 80GB of material from Reddit, including internal papers, source code files, employee details, and restricted advertisement data.
BlackCat is said to have obtained access to Reddit’s networks via a phishing attempt. They were able to steal a substantial amount of data after they gained access. The organization then sought a $4.5 million ransom in exchange for not revealing the information.
So far, Reddit has declined to pay the ransom, and BlackCat has threatened to leak the data until their demands are satisfied. The organization also claims to have alerted Reddit of the breach on two different occasions, but is yet to get a reply.
“I told them in my first email that I would wait for their IPO to come along,” the Reddit hack perpetrators said. “But this seems like the perfect opportunity! We are very confident that Reddit will not pay any money for their data. We expect to leak the data.”
“But I am very happy to know that the public will be able to read about all the statistics they track about their users and all the interesting confidential data we took,” the ransomware group warned. “Did you know they also silently censor users? Along with artifacts from their GitHub!”
Gina Antonini, a Reddit representative, verified that the ransom demand is related to a data breach that occurred on February 9, 2023, and that Reddit is strengthening its security and working with law authorities to investigate the incident.
Reddit adds that there is no evidence that user information, such as passwords and account information, was hacked. But internal papers, source code files, employee information, and advertiser data are likely to be in custody of the ransomware group.
The sources for this piece include an article in TheRegister.