A group of hackers, associated with the ransomware gang called BlackCat, are threatening to leak 80 gigabytes of confidential data stolen from the online platform in February this year. In exchange for the stolen data, hackers have demanded a million-dollar payout and pricing policy changes.
The claim was made in a post tilted “The Reddit Files” on the dark web, according to reports in international media. It has been reviewed by cybersecurity experts and reporters from various news platforms.
The ransomware group has claimed in their post that they first demanded $4.5 million from Reddit for “deleting” the held data and maintaining “silence” over the cybersecurity attack in April. The confidential data was stolen in a phishing attack on Reddit, leading to the exposure of internal documents, employee information, dashboard, and code and contracts.
At the time of the hack, Reddit had confirmed the hackers had used a “sophisticated and highly-targeted” to get access to internal documents, but maintained that no user data that was not already public had been breached.
Alongside the ransom, the hackers also demand a reversal of Reddit’s API policy changes. Reddit recently announced it would start charging third-party app developers. The development led to a stream of protests across the website, with some of the most influential Reddit users limiting their posts and restricting access to their forums.
Reports suggest over 6,000 Reddit forums led a blackout last week to register their protest against the API policy changes.
Earlier in April, Genesis Market, a notorious online platform believed to be one of the largest marketplaces for stolen identities, was dismantled in a global operation involving law enforcement agencies from 20 countries.
The platform advertised and sold packages of online credentials based on locations such as usernames and passwords for emails, bank accounts, and social media, according the US Justice Department (DOJ).
