Amazon’s Ring was reportedly hacked according to a ransomware group called ALPHV. Ring is a division of Amazon that specializes in security cameras, so the news generates alert due to the sensitivity of data that could be leaked. For the time being, the company does not acknowledge having suffered any cyber-attack.
The ALPHV group has threatened to publish the information it has obtained if it does not receive the demanded payment, in a kind of blackmail published on its own website. The message posted against Ring was the following: “There is always an option to allow us to filter your data”, without adding further information. There is uncertainty as to what kind of data they have obtained although, as a security company, any leak is a big problem.
What is ALPHV and how would it have obtained Ring’s data from Amazon?
ALPHV is a group that uses a ransomware called Black Cat to infiltrate computers of different companies and steal information. Ransomware is malicious software that encrypts the entire contents of the user’s computer. Subsequently, the hackers demand a ransom and, in exchange for the money, the criminals would hand over a key that decrypts the data and rehabilitates access to it.
Unlike other groups that operate in the same way, ALPHV publicizes its attacks as a way of extorting companies to pay up. A section called Collections, where all the data hacked from other companies is published, can be viewed on its website. Prior to the apparent attack suffered by Ring, this group has attacked companies belonging to the education and health sectors.
It is not known exactly how and what kind of information they would have obtained from Ring, as the company denies the alleged attack. If they acknowledged that a third-party vendor suffered a ransomware incident and that the ransomware incident is under investigation.
Information about the data theft allegedly carried out by ALPHV was shared on an internal Amazon employee channel with the comment that security teams are investigating the information and that no comment should be made.
What kind of information would have been obtained in the alleged attack on Ring?
Whether it is an attack directly on Ring or on a third-party vendor, the types of data that a security company operates with raises red flags that the attack may be real.
In the absence of certain information, it is not known whether the data allegedly leaked corresponds to users or is internal Ring information. It was only clarified that the external provider does not have access to Ring’ s customer information and insists that the company itself has not suffered any type of breach of its systems.
For the time being, only the cybercriminal group is the only one to claim that the attack took place. We will have to wait for more data to find out if this is a real attack or if it is simply a false information that only seeks to generate controversy.
