Amazon has no evidence of having been hit by a ransomware attack; however, the company is investigating a third-party vendor over the data breach.
ALPHV, a ransomware group known for using the BlackCat malware, has claimed responsibility for the attack on Amazon’s popular security camera company, Ring, and is now threatening to leak their data.
The ALPHV ransomware group is involved in a series of ransomware attacks using BlackCat malware and operates a ransomware-as-a-service platform. Here’s the message ALPHV posted on their website with Ring’s logo:
“There’s always an option to let us leak your data.”
The group has also created a searchable database of its victims who deny paying the ransom, which can be accessed by its affiliated groups.
In its tweet, VX-Underground, online malware source code collectors, confirmed on 13th March that ALPHV is responsible for the attack on Ring. However, the company did not confirm if the hackers compromised any data, so there are currently no recommendations for Ring users on how to address the situation.
For your information, Ring doorbell and security camera devices support E2EE (end-to-end) encryption in a majority of the regions where it is available. This means neither any government entity, hackers, nor even its parent company Amazon can access the uploaded footage.
However, it is possible for the attackers to exfiltrate corporate/customer data instead of the video. According to a Ring spokesperson, the company has no evidence of having been hit by a ransomware attack; however, they are investigating a third-party vendor over the data breach.