The criminal group behind the February Reddit hack is now demanding $4.5 million and the dropping of API changes, or the stolen data will be published.
@dismalnow having the code out there that Reddit uses to track accounts doesn’t give me warm fuzzies. I’m not a technical guy but it seems that it would be better if that code had not been hacked and put in the hands of people with malicious intent. I have to defer to others on whether the hack compromises Reddit users’ security.
@Phoeniqz it depends on the jurisdiction, but my understanding is that a breach is a breach. If no user data was compromised, then that is good for users and Reddit is potentially facing less liability. I understand from the responses in this thread that Reddit did announce the breach.
I’m not so sure tho, as no user data was affected.
@Phoeniqz
@gentleman
My read was that BlackCat only got non-prod data. So perhaps it’s sourcecode.
In which case… they’ve likely got nothing of value other than the code used to track users.
@dismalnow having the code out there that Reddit uses to track accounts doesn’t give me warm fuzzies. I’m not a technical guy but it seems that it would be better if that code had not been hacked and put in the hands of people with malicious intent. I have to defer to others on whether the hack compromises Reddit users’ security.
@Phoeniqz it depends on the jurisdiction, but my understanding is that a breach is a breach. If no user data was compromised, then that is good for users and Reddit is potentially facing less liability. I understand from the responses in this thread that Reddit did announce the breach.