Amazon's Ring may have been hacked — ransomware group threatens to leak data

Android Police

By Jay Bonggolto

Published Mar 14, 2023

ALPHV claims to have breached Amazon's Ring

Any home security company has every chance to face various sorts of troubles. There's the issue of information security, which can be difficult to handle, and user privacy, which can become quite tricky when a company profits from making live video available to multiple users on different devices. Other times, they're fodder for hackers, owing in large part to the treasure trove of data they store in the cloud, including private home footage. One of the home security vendors that has dealt with security incidents in the past is Ring, and it may be in for another breach after a ransomware group threatened to leak data belonging to the company.

According to cybersecurity collective VX Underground, Ring is the latest victim of ransomware gang ALPHV, known to be behind the BlackCat ransomware.

If you work in healthcare, BlackCat may ring a bell, as it has frequently targeted this sector. In January, EHR and healthcare IT vendor NextGen Healthcare was hit by BlackCat. A month later, Pennsylvania-based Lehigh Valley Health Network confirmed that it fell prey to the same ransomware.

The group seems to have found a new target. In a message posted on its website, ALPHV says, "There's always an option to let us leak your data," with Ring's logo right next to it. It is unclear whether the group was successful in gaining access to customers' data or video footage, but the message makes it clear that ALPHV claims it has breached the company.

ALPHV operates like other ransomware groups, locking its victims out of their files. Its website also has a searchable database of victims, many of whom have been shamed after extortion attempts. Those who do not pay will have their data made public and accessible to ALPHV-affiliated groups.

Given that many of Ring's top home security cameras are end-to-end encrypted, it's unlikely that the group has accessed users' private footage. In any case, hackers may have breached the company's corporate data.

The Amazon-owned vendor has yet to publicly acknowledge the attack, if it occurred at all. Meanwhile, an individual posted a message to an internal Amazon Slack channel, saying that Amazon is investigating the incident. "Do not discuss anything about this," the message purportedly reads, with a link to Vice's report on the potential ransomware incident. "The right security teams are engaged."