Ransomware

Ring Denies Falling Victim to Ransomware Attack

Ring says it has no indications it has fallen victim to a ransomware attack after cybergang threatens to publish supposedly stolen data.

Ionut Arghire

March 14, 2023

In response to a cybercrime group’s claims, home security firm Ring says it has no evidence that it has fallen victim to a ransomware attack.

Founded in 2013 and acquired by Amazon in 2018, Ring started with a smart doorbell and later expanded its portfolio with an alarm system and other smart home security products.

On Monday, the cybergang behind the Alphv ransomware added an entry to their leaks site claiming they breached Ring and threatening to release data supposedly stolen from the company.

The entry does not provide details on the amount or type of data that might have been compromised.

“There’s always an option to let us leak your data,” the entry reads.

Responding to a SecurityWeek inquiry, Ring denied falling victim to a ransomware attack.

“We currently have no indications that Ring has experienced a ransomware event,” Ring said.

Also tracked as BlackCat and Noberus and written in the Rust programming language, the Alphv ransomware family was first seen in November 2021, but its operators are likely linked to the previously known cybercrime ring behind the Darkside/Blackmatter ransomware.

Advertisement. Scroll to continue reading.

Operating under the ransomware-as-a-service (RaaS) business model, the group typically harvests and exfiltrates data from the infected systems, and then uses it to pressure victims into paying a ransom.

In July 2022, shortly after creating a dedicated leak site to pressure one of their victims, the group created a searchable database so that employees and customers of victim organizations could search for their potentially compromised data.

In some cases, the group was also seen launching distributed denial-of-service (DDoS) attacks against victims, and harassing their customers, employees, and partners, to further pressure them into paying up. The Alphv ransomware operators have breached over 100 organizations to date.

Written By Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.

Latest News

Click to comment

CIEM Chat: How to Reduce Cloud Identity Risk

March 26, 2024

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Virtual Event: Ransomware Resilience & Recovery Summit

April 17, 2024

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

You Against the World: The Offenders Dilemma

Foreign attackers have many more toolsets at their disposal, so we need to make sure we’re selective about our modeling, preparation and how we assess and fortify ourselves. (Tom Eston)

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

With automated, detailed, contextualized threat intelligence, organizations can better anticipate malicious activity and utilize intelligence to speed detection around proven attacks. (Marc Solomon)

Know Your Audience When Speaking to Security Practitioners

How can security practitioners make sense of the vendor landscape and separate those who talk a good game from those who can execute, perform, and solve real problems for enterprises? (Joshua Goldfarb)

Cybersecurity Mesh: Overcoming Data Security Overload

A significant cybersecurity challenge arises from managing the immense volume of data generated by numerous IT security tools, leading organizations into a reactive rather than proactive approach. (Torsten George)

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response

The OODA Loop can be used both by defenders and incident responders for a variety of use cases such as threat assessment, threat monitoring, and threat hunting. (Etay Maor)

Cybercrime

Cyber Insights 2023 | Ransomware

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Kevin TownsendFebruary 2, 2023

Ransomware

SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Kevin TownsendJune 9, 2023

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Eduard KovacsMarch 1, 2023

Data Breaches

Sony Confirms Data Stolen in Two Recent Hacker Attacks

Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups.

Eduard KovacsOctober 5, 2023

Ransomware

GoAnywhere Zero-Day Attack Hits Major Orgs

Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Ionut ArghireMarch 27, 2023

Data Breaches

Yum Brands Discloses Data Breach Following Ransomware Attack

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.

Ionut ArghireApril 11, 2023

Ransomware

Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach

Alphv/BlackCat ransomware group files SEC complaint against MeridianLink over its failure to disclose an alleged data breach caused by the hackers.

Eduard KovacsNovember 16, 2023

Ransomware

Johnson Controls Hit by Ransomware

Johnson Controls has confirmed being hit by a disruptive cyberattack, with a ransomware group claiming to have stolen 27Tb of information from the company.

Eduard KovacsSeptember 29, 2023

SECURITYWEEK NETWORK:

ICS:

SecurityWeek

Ransomware

Ring Denies Falling Victim to Ransomware Attack

More from Ionut Arghire

Latest News

Trending

CIEM Chat: How to Reduce Cloud Identity Risk

Virtual Event: Ransomware Resilience & Recovery Summit

People on the Move

Expert Insights

You Against the World: The Offenders Dilemma

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

Know Your Audience When Speaking to Security Practitioners

Cybersecurity Mesh: Overcoming Data Security Overload

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response

Related Content

Cybercrime

Cyber Insights 2023 | Ransomware

Ransomware

SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Data Breaches

Sony Confirms Data Stolen in Two Recent Hacker Attacks

Ransomware

GoAnywhere Zero-Day Attack Hits Major Orgs

Data Breaches

Yum Brands Discloses Data Breach Following Ransomware Attack

Ransomware

Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach

Ransomware

Johnson Controls Hit by Ransomware

SECURITYWEEK NETWORK:

ICS:

More from Ionut Arghire

Latest News

Trending

Daily Briefing Newsletter

CIEM Chat: How to Reduce Cloud Identity Risk

Virtual Event: Ransomware Resilience & Recovery Summit

People on the Move

Expert Insights

You Against the World: The Offenders Dilemma

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

Know Your Audience When Speaking to Security Practitioners

Cybersecurity Mesh: Overcoming Data Security Overload

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response

Related Content

Cybercrime

Cyber Insights 2023 | Ransomware

Ransomware

SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Data Breaches

Sony Confirms Data Stolen in Two Recent Hacker Attacks

Ransomware

GoAnywhere Zero-Day Attack Hits Major Orgs

Data Breaches

Yum Brands Discloses Data Breach Following Ransomware Attack

Ransomware

Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach

Ransomware

Johnson Controls Hit by Ransomware