The popular social media site, Reddit, suffered a cybersecurity breach in February of this year resulting in the theft of 80GB of data, including internal documents, source code, employee data, and some information about the company’s advertisers. The attack was allegedly carried out by the ALPHV ransomware operation, also known as BlackCat, according to cybersecurity expert Dominic Alvieri.
Phishing Attempt Used to Gain Access
The hackers were able to gain access to Reddit’s systems through a phishing attempt. Fortunately, user passwords, accounts, and credit card details were not compromised, and production systems were not affected. However, the stolen data contains sensitive information that could be damaging to Reddit and its users if it were to be leaked.
Demand for Money to Keep Stolen Data Secret
The situation worsened when the hackers responsible for the breach demanded $10 million from Riot during the attack in exchange for keeping the stolen data a secret. When their demand went unanswered, the hackers found another target to exploit. They made two attempts to contact Reddit on April 13th and June 16th, demanding $4.5 million for the content to be deleted, but once again, they received no response.
Identification of BlackCat as responsible for the attack
Dominic Alvieri reportedly discovered the involvement of BlackCat in the attack on Reddit. Although BlackCat is known as a ransomware group, they did not encrypt any devices during this attack. It is unclear why they chose to steal and potentially leak the data rather than hold it for ransom.
Confirmation of cyber attack reported by Cyber Security News
The Cyber Security News confirmed that this is the same attack that Reddit announced in February. The stolen data includes sensitive information about Reddit’s advertisers, which, if leaked, could harm the company’s revenue stream. The stolen source code could also be used to exploit vulnerabilities in Reddit’s system.
The Dangers of Data Breaches
This incident serves as a reminder of the potential dangers of data breaches and the importance of ensuring the security of valuable information. Companies must take measures to protect their users’ and their own sensitive information. These measures should include implementing secure password practices and utilizing multifactor authentication for all employees who have access to sensitive information.
Reddit, like other large companies, must take necessary steps to protect its valuable data from hackers who will stop at nothing to gain access and steal valuable information. This incident serves as a wakeup call to companies and individuals to take all necessary steps to protect their online information and understand the importance of utilizing cybersecurity measures.