As reported by TechCrunch, the BlackCat ransomware group shared a blog post titled ‘’The Reddit Files’’ on its dark web leak site on Saturday, claiming that it stole 80GB of compressed data from the company during a security breach that took place this February.
In the blog post, the group said that they reached out to Reddit twice, first on April 13 and then again on June 16, but it didn’t receive any response.
“I told them in my first email that I would wait for their IPO to come along. But this seems like the perfect opportunity! We are very confident that Reddit will not pay any money for their data,” BlackCat said in the post, adding that they expect to leak the data.
Speaking to TechCrunch, Gina Antonini, Reddit’s Director of Corporate, Policy & Safety Communications, verified that the group’s claims show resemblance to a cyber attack Reddit confirmed on February 9.
Reddit’s CTO and Founding Engineer Christopher Slowe, who is also known as KeyserSosa, said at the time that hackers obtained employee data and internal documents through a ‘’highly-targeted’’ phishing attack, adding that there was ‘’no evidence’’ to prove that personal user information, including passwords and accounts, had been compromised.
The social media company didn’t disclose any further information about the attack and who organized it. However, last weekend, the BlackCat group claimed responsibility for the February attack and is now threatening to leak the stolen ‘’confidential’’ data.
TechCrunch notes that what types of data have been accessed remain unknown for now, and the hacker group didn’t share any evidence of the data theft.
Reddit’s latest move to begin charging developers for access to its API has led to a side-wide protest among thousands of subreddits. The news was met with disappointment by third-party Reddit clients like Apollo, which recently shared their shutdown announcements.