Group behind Reddit hack demands $4.5 mn and reversal of API pricing changes
The group behind the Reddit hack in February has demanded a $4.5 million payout in exchange for the data along with a reversal of the controversial API pricing changes introduced by the social media platform.
The BlackCat (ALPHV) ransomware gang has claimed responsibility for the attack in which 80GB of data was stolen from the company. An unsuspecting Reddit fell victim to a phishing attack due to which the attackers were able to gain access to the company’s internal documents, source code, and other confidential data.
At that time Reddit chief technology officer Christopher Slowe said in a post that while attackers gained access to internal docs, code, and business systems, there has been no breach of the production system.
As per Bleeping Computer’s report, the attackers reached out to Reddit twice – April 13 and June 16. In a post, the group said that in their last mail, they demanded $4.5 million for ‘the deletion of the data and our silence’, but now they seek withdrawal of the API pricing changes along with the ransom money to avoid leaking the data.
Reddit has been receiving a lot of backlash regarding its decision to charge third-party apps for its API. As per the changed rules, from July 1, the app owners would be required to pay approximately $1 per user per month for API access. Several subreddits (communities on the platform) blacked out for several hours against the new rules.
In an earlier interview with The New York Times, Steve Huffman, Reddit founder and chief executive officer said that the platform’s data corpus is really valuable to be given for free to some of the largest companies. Notably, a lot of artificial intelligence systems and tools like OpenAI’s ChatGPT and Google’s Bard have been built on publicly available data corpus, including that from Reddit.