Ring won’t say if it was hacked after ransomware gang claims attack

A notorious ransomware gang is threatening to leak data allegedly involving the Amazon-owned video surveillance company Ring.

On Monday, the ALPHV ransomware group listed video door phone maker Ring as a victim on its dark website. “There is always an option to allow us to leak your data,” the Russia-linked group wrote along with the listing, seen by TechCrunch.

It is not known what specific data ALPHV has access to, and the gang has not shared any evidence of data theft.

In a statement given to TechCrunch, Ring spokeswoman Emma Daniels said the company currently has “no indication that Ring experienced a ransomware event,” but did not say whether the company has the technical ability, such as logs, to Detect if any data was used. accessed or exfiltrated.

According to a statement shared with Vice, Ring said it was aware that a third-party vendor had been targeted by ransomware and is working with the company, which reportedly does not have access to customer records, to learn more. . When contacted again by TechCrunch, Daniels declined to confirm the third-party breach or name the vendor involved, but he also declined to dispute it.

Vice reports that the link to their report was shared on one of Amazon’s internal Slack channels along with a warning: “Do not discuss anything about this. The right security teams are engaged.”

List of ALPHV Ring ransomware sites. Image Credits: TechCrunch

Like other ransomware groups, ALPHV not only encrypts the victim’s data, but first steals it, with the aim of extorting the victim by threatening to release the stolen data.

ALPHV, often referred to as BlackCat, first gained prominence in 2021 as one of the first ransomware groups to use the Rust programming language and the first to create a search for specific data stolen from its victims. Other victims of ALPHV include Bandai Namco, Swissport, and Munster University of Technology (MTU) in Ireland.

Do you work at Ring? Do you have more information about this ransomware attack? You can contact Carly Page securely on Signal on +441536 853968 and via email. You can also contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Wickr, Telegram and Wire @lorenzofb, or by email. Share tips and docs with TechCrunch via SecureDrop.

Source link

James D. Brown
James D. Brown
Articles: 9393