The criminal group behind the February Reddit hack is now demanding $4.5 million and the dropping of API changes, or the stolen data will be published.
@Phoeniqz If Reddit is only announcing the hack now then that is very likely going to be a legal problem in a number of US jurisdictions, not to mention EU and others.
@dismalnow having the code out there that Reddit uses to track accounts doesn’t give me warm fuzzies. I’m not a technical guy but it seems that it would be better if that code had not been hacked and put in the hands of people with malicious intent. I have to defer to others on whether the hack compromises Reddit users’ security.
@Phoeniqz If Reddit is only announcing the hack now then that is very likely going to be a legal problem in a number of US jurisdictions, not to mention EU and others.
Reddit announced it in February shortly after it was uncovered, the group that allegedly exfil’d the data has just started making threats now.
I’m not so sure tho, as no user data was affected.
@Phoeniqz
@gentleman
My read was that BlackCat only got non-prod data. So perhaps it’s sourcecode.
In which case… they’ve likely got nothing of value other than the code used to track users.
@dismalnow having the code out there that Reddit uses to track accounts doesn’t give me warm fuzzies. I’m not a technical guy but it seems that it would be better if that code had not been hacked and put in the hands of people with malicious intent. I have to defer to others on whether the hack compromises Reddit users’ security.