Hackers Threaten To Leak 80GB of Confidential Data Stolen From Reddit

Hackers are threatening to release confidential data stolen from Reddit unless the company pays a ransom demand -- and reverses its controversial API price hikes. From a report: In a post on its dark web leak site, the BlackCat ransomware gang, also known as ALPHV, claims to have stolen 80 gigabytes of compressed data from Reddit during a February breach of the company's systems. Reddit spokesperson Gina Antonini declined to answer TechCrunch's questions but confirmed that BlackCat's claims relate to a cyber incident confirmed by Reddit on February 9.

At the time, Reddit CTO Christopher Slowe, or KeyserSosa, said that hackers had accessed employee information and internal documents during a "highly-targeted" phishing attack. Slowe added that the company had "no evidence" that personal user data, such as passwords and accounts, had been stolen. Reddit didn't share any further details about the attack or who was behind it. However, BlackCat over the weekend claimed responsibility for the February intrusion and threatened to leak "confidential" data stolen during the breach. It's unclear exactly what types of data the hackers have stolen, and BlackCat hasn't shared any evidence of data theft.

Reddit - the show

[Opportunist]

The first season or two are kinda bland, but recently it sure picked up steam.

Stock up the pop-corn

[stooo]

Stock up the pop-corn.
Will Reddit tank fast like Nokia, or slowly ?

Re: Stock up the pop-corn

[ZERO1ZERO]

The narrative certainly has changed to when and how rather then if in regards to reddit imploding up its own arsehole

Re:

[functor0]

Probably passwords, which could be harmful if people reuse them. Aren't there also people who pay them? So probably also credit card numbers and other personal info.

Re:

[Sonicanatidae]

Well, a lot of companies look at the reactions of the user base when changes are made and reconsider changes. Huffman, just ordered all the unpaid mods to get back to work, because "he's trying to run a business" or they can go fuck themselves, because he has an IPO to prep for.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[djinn6]

Seems like the content providers that Reddit depends on are being nice giving Reddit a chance to prove themselves worthy of retaining their audience.

You mean content editors right? The mods aren't the ones creating most of the content. The users who do create it couldn't care less about API pricing.

Re:

[sfcat]

But they do care about useful 3rd party apps. The Reddit default apps are terrible. That's why this is an issue. Nobody wants to use a buggy app with 4 seconds of latency. Also the same applies to the mods who won't be moderating without their 3rd party tools. This is largely because there are features the mods need that are only provided via those 3rd party apps.

Re:

[alanp]

Reddit have already said they will allow mod tools to work.
So it becomes about the app. Why would they allow an app to suck their revenue stream, block ads, and profit ?

Re:

[GreaterTroll]

Reddit has been saying that since Obama was president. Reddit is lying. I’d like it if the site was a lot less central to internet discussion in the future.

Re:

[fafalone]

The mods rely on 3rd party tools because reddit's mod tools are apparently the same kind of hot garbage the user app or new reddit interface is. Nobody believes they're suddenly going to fix it all now after all these years no matter what they say.
And everywhere I've seen the userbase asked, the blackouts have commanded majority support (of those who weighed in during the appropriate window, but I find complaints about that silly given *that's how voting works*).

Re:Stock up the pop-corn

[slack_justyb]

Its systems, hosting etc are owned by a corporation, just like slashdot, facebook and all.

That is very true. And those systems have a non-zero worth. The existential question is, "What makes Reddit?" Is it the computer systems or the content? If it's the former, then yes, Reddit seems well placed to indicate that it ought not be toyed with. If it's the latter however, what happens when the content makers become tired of the marketplace that is Reddit's systems and goes elsewhere?

It's one of those questions I think is fun to ask because it doesn't have a simple answer. If everyone posting to Reddit stopped posting to Reddit, would Reddit still be a thing? And if the answer to that is "no", well then, there's a bit of soul searching that needs to happen to define "what is Reddit?".

I don't know, I don't really have a dog in this fight. I just think it's fun to think about these social media services and ask the questions, "What do these places provide that cannot be replicated elsewhere?" and "What is the 'community' these services talk about? Did it exist before the service came about? Would it exist if the service was gone?" And sometimes it feels like it's just inertia that keeps some of them afloat. But maybe not here, been forever since I went to Reddit (as in, "old" style as I am lead to believe was the only style back when I used it, but I have no idea when the "new" Reddit started), so honestly take anything I have to say about them with massive doses of salt.

Re:Reddit - the show

[znrt]

pffff ... nah, it's been going downhill steadily since the opening with that app guy's manifesto. subs are coming back online which is kind of embarrassing, these kids have no clue how to build proper narrative tension. and now this blackcat thing clearly jumps the shark ...

Re:

[tlhIngan]

subs are coming back online which is kind of embarrassing

Not without a fight it seems. Reddit is forcing subs to be open - by brute force if necessary. Some communities have taken to basically turning the entire sub to a troll fest meant to dissuade anyone who comes in with a real legitimate question as well as overloading the newly appointed moderators so lots of crap gets through.

Basically Reddit has given those subs an ultimatum of opening again or Reddit will do it for them and assign new moderators as

Re:

[znrt]

i assume that such content doesn't really get deleted, only hidden from the public view. the terms of service allow reddit to do whatever it pleases with it, including storing it indefinitely and selling it to anyone in the world. they could even "republish" it at any time without any reference to the original user, which will still hold ownership but has already granted reddit perpetual right to "make Your Content available for syndication, broadcast, distribution, or publication by other companies, organi

Re:Reddit - the opera

[Errol backfiring]

It is like an opera: the audience knows that the character is already dead, but the song of dying always takes a very long time.

Re:

[Opportunist]

An opera is where in the third act the hero gets stabbed and then rather sings than bleeds.

Re:

[Calydor]

Are you saying it picked up STEAM in the THIRD SEASON?!

Half-Life 3 confirmed, everyone!

Couldn't happen to a more fucked up site

[greytree]

So the mods who ban from Reddit everyone who disagrees with them now disagree with Reddit and are banning it.

Good.

Now for someone to start a good glopal discussion site that is open, well-modded and has a working appeal system site.
Where real, balanced discussions can take place.

I don't even care if Musk / X.com do it, because the modding should OF COURSE be independent of his or anyone else's personal opinion.

Re:

[Baron_Yam]

>the mods who ban from Reddit everyone who disagrees with them now disagree with Reddit and are banning it.

Until I read your post, I hadn't considered it that way... +infinity insightful. Reddit mods are paid with 'power' over their little fiefdoms and rewarded with an ego stroke as a result. They absolutely are the kind of people who would burn the place down around them if they felt they were losing their grip on power.

You know what? Fire is useful for popping popcorn.

Re:

[alanp]

Yes, I think you are right. There will be a changing of the mod guard.
If it had not been for the hack, then this would be over in 2 weeks.
The hack really changes things, in terms of reddit surviving.

Re:

[greytree]

"thats the whole point of being a mod, power. feel free to reference any and every internet forum or website in which moderators are present."

Not this one.
Here only the truly anal woke mod me "-1 Disagree" because the power for them is small and it doesn't really matter much to me anyway.

On Reddit a crazed wokeist modded me off the entire site for (some period of time) with no functioning appeal process.
That is farked up.

Reddit truly deserve all this.

Re:Couldn't happen to a more fucked up site

[Baron_Yam]

>the modding should OF COURSE be independent of his or anyone else's personal opinion.

This is something I think Slashdot has the best answer to short of paying for professional human moderation - the random mod points and meta-moderation are a decent hedge against a small coordinated group controlling the site via moderation abuse.

Re:

[greytree]

+1 Agree with you (sic)

Re:

[sarren1901]

Anything with to much of a global appeal isn't going to workout because to many people will make anything toxic given time. Slashdot is a spectacular example. We use to have some really good nerdy technical discussions on here in the early 00s.

Now, we barely get anything about tech or science but we get a whole lot of politics and advertisement or we focus on tech companies that are actually advertisement companies...

Re:

[TheRealMindChild]

Slashdot also has the right idea of you can either post, or you can moderate, but you can't do both on the same story. Reddit's moderation system allows people to post back and forth, disagreeing with one another, while both modding down each other on every comment in the chain. Simultaneously modding up people in the chain that agree with them

Re:

[sarren1901]

IDK, I can moderate and post AC in the same thread. It's good enough.

No one should care about reddit anymore

[xack]

All the smart people have left, it's only strike breakers and people who stumble across it on google left now. You don't see articles about myspace or bebo anymore because no one cares and have moved on. Spez has decided to kill his golden egg. The knowledge lost will eventually move on to other sites, and the losers that still use reddit will be laughed at by the rest of the internet just liked they do with twitter. I have added Reddit to my hosts file and haven't looked back.

Re:

[Botched]

Love reddit myself, been using it all morning, looks like everything's back to normal!

Good for you!

[GreaterTroll]

Say these plague rats I’ve been nurturing to health also happen to be huge Reddit fans!
So if you’re headed that way could you do me one small favor? Really it’s a favor for the rats.

Re:

[alvinrod]

Spez doesn't care what happens down the road. As long as the site looks good for the IPO he's going to be make a bunch of money from whoever buys this even if it creates so much ill will that everyone is actively looking for a way to jump ship as soon as a viable alternative shows up. That's someone else's problem and even better for him if the new majority shareholders want to bring in a new CEO afterwards since it gives him the perfect excuse to unload all of his own stock. If he's enough of a villain now

Re:No one should care about reddit anymore

[darkain]

So... you just described Slashdot a decade ago?

Re:

[alanp]

OK, moved onto where ? I'm genuinely curious, not trolling.

Re:

[xack]

You're on Slashdot for a start. There are people going back to older forums as well as new federated services like mastodon and lemmy.

Re:No one should care about reddit anymore

[thegarbz]

I have added Reddit to my hosts file and haven't looked back.

There's something uniquely dumb about blocking a site you voluntarily can ignore, especially given said site often shows up with solutions to problems based on the fact it's little more than a special interest story.

And you seem to be proud of that.

Rare Puppers

[Ksevio]

In a twist of events, the hackers release 80gb of cute animal pics, completely destabilizing the market

Re:

[znrt]

but, but ... the memes!
is nobody going to think of the memes?

Dumpster Fire

[RitchCraft]

This just shows how quickly social media sites can implode. I've read that Reddit is looking at an IPO soon. Who in their right mind would be willing to throw cash into this dumpster fire? I truly hope 20 years from now we can look back and remember the "anti-social" years of the Internet before all the implosions.

Re:Dumpster Fire

[Zekolas]

I will say this as someone who enjoys reddit or is part of a few reddit communities and mostly stick to 3-4 subs. I have no clue who would invest in reddit. The site was started in 2005 its nearly 20 years old! If it has not figured out how to make money in the past 20 years what hope is it to become profitable ?

Re:

[znrt]

chatgpt and derivatives. they could make a shit ton of money selling just the material they already have, at least while the hype lasts.

so they probably could afford to lose some moderators. in fact, they could probably afford to lose them all, they already own the content. long term is moot because the chatgpt mining craze will subside anyway, but pretty sure there's some cash to be made before that happens.

Re:

[fafalone]

ChatGPT and every major IT company currently playing catch-up has no doubt already scraped the site, especially given the warning time about changes. There's not a whole lot of value in the marginal set of new posts. Some, but not enough to justify the exorbitant price they're asking, which is far higher than any other comparable API.

Re:

[thegarbz]

This just shows how quickly social media sites can implode. I've read that Reddit is looking at an IPO soon. Who in their right mind would be willing to throw cash into this dumpster fire?

What's changed? No I'm serious here, in terms of investment has anything significant changed in the past 6 months? The user exodous has been miniscule, many subs are back open, and data leaks are like the 21st birthday of tech companies these days, a right of passage for all.

So in terms of investment what has changed? One could argue it was always a bad investment, but in the context of this story I doubt any of the recent events have significantly weighed in on investor's decisions.

People give confidential data to Reddit?

[nospam007]

Are they mental?

Re:

[znrt]

can't blame you for not rtfa, this story is getting boring.

but it's company confidential data, namely "documents and source code". also reddit said explicitly that no user data was compromised (although the odds that they would say that regardless if it was or not are like 0.988).

Nobody cares about Reddit user data

[Baron_Yam]

So... you have my alias and my registered email address (which is probably Hotmail or GMail if not a temporary address that no longer exists). Maybe you get my recent IPs and can geolocate me to a city or something.

Wow. It's not like my real name is in there, nor my credit card info, nor my street address. In terms of blackmail/extortion material, Reddit's user data is worth nothing.

Now the employee info... that could be interesting.

Re:

[beforewisdom]

... and the article summary said the crackers have employee data.

The only reason I can think people would want that is to harass people. I think that is morally wrong, even if people used it to egg Spez's house.

I am glad that years ago I took the time to give each social media account I had a unique autogenerated password and a throwaway email address.

Re:

[Baron_Yam]

I agree, but as their business is harvesting every bit of information they can about people and selling it wherever they can make a buck without any ethical concerns of their own... I can only agree reluctantly.

Re:

[Baron_Yam]

I still don't sanction the illegal act, but someone being 'just an employee' does not make me have any sympathy for them.

If the business model is scummy and you work for the business... you're scummy too. You may have no responsibility for making the big decisions, but you did decide to keep working for the company and executing those decisions.

Re:

[sarren1901]

I mean, if the hackers stole everything of value and just released it for free, that's probably going to really hurt the IPO. Why pay reddit for data for your AI training when you can just download it for free?

Re:

[danda]

your email addr can be used to correlate with another (stolen?) database that has your name, picture, home address, etc.

Now somebody knows all the posts you made and perhaps can use it for marketing, profiling, blackmail, etc.

unless you were tricky enough to use a one-off addr for reddit. then you are golden.

Re: Leak.

[Motleypuss]

Does it contain pr0nz?