According to a post the group made on its own website, as shared by security researcher Dominic Alvieri, the ransomware gang known as BlackCat, also known as Alphv, breached Reddit after phishing one of its staffers. Now claiming responsibility for the incident, the group stated that it got its hands on 80GB worth of compressed data. This is believed to contain internal documents, code, contracts, and information on some advertisers, as well as that of some former and current employees.
— Dominic Alvieri (@AlvieriD) June 17, 2023 As mentioned earlier, the hacker group has threatened to leak the data dump if Reddit doesn’t give it US$4.5 million (~RM20.9 million), as well as reverse the API pricing increase. Though it’s quite unlikely that the hacker group is doing this for altruistic reasons. The post goes on to say that the hacker group had tried contacting Reddit twice before to claim the ransom, once on 13 April and another on 16 June, getting no response both times.
This indicated to the hackers that “there was no attempt to find out what we took”, giving them confidence that the company “will not pay any money for their data”. Instead, the hackers intend to release to the public “statistics they track about their users and all the interesting confidential data that we took”. While the hackers initially intended for all this to leak closer to the Reddit IPO, but decided to capitalise on the whole API pricing controversy instead, as it “seems like the perfect opportunity”. (Source: Dominic Alvieri / Twitter)