Has Amazon’s Ring Been Hacked? Ransomware Gang Posts Data Leak Threat
A ransomware group known as ALPHV claims to have breached the doorbell and security camera company, threatening to publish Ring’s data.
The ALPHV ransomware gang, known to be behind a spate of BlackCat ransomware attacks and operating a ransomware-as-a-service operation, has claimed to have successfully breached Ring, the Amazon owned doorbell and security camera company.
As first reported by Vice, the ransomware group website has published a threat, next to the Ring company logo, to “leak your data.” The group behind the BlackCat ransomware malware has created a searchable database of victims who do not pay, accessible by affiliate groups.
VX-Underground, one of the largest online collections of malware source code, has confirmed in a 13 March tweet that the claim has been published by ALPHV.
Currently, it is not known what, if any, data has been breached by ALPHV. Therefore, there is no advice for Ring users as to what they should do at this time. Ring devices support end-to-end encryption (E2EE) in most countries, and if enabled, means that neither Amazon nor law enforcement, or ransomware groups for that matter, could access uploaded footage. However, if this ransomware attack proves to be confirmed, it is possible that the cybercriminals have exfiltrated corporate or customer data rather than video.
I have reached out to both Amazon and Ring for a statement, and a Ring spokesperson told me this morning, that: “We currently have no indications that Ring has experienced a ransomware event.”
This story is still developing, however, and if that statement evolves I will update this article in due course. Meanwhile, Vice reports that an internal Amazon Slack channel, updated following the publication of its story, warned: “Do not discuss anything about this. The right security teams are engaged.” It is those security teams that have likely determined, at least for now, that ALPHV has not perpetrated a successful BlackCat ransomware deployment.
Follow me on Twitter or LinkedIn. Check out my website or some of my other work