SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Ring Denies Falling Victim to Ransomware Attack

Ring says it has no indications it has fallen victim to a ransomware attack after cybergang threatens to publish supposedly stolen data.

In response to a cybercrime group’s claims, home security firm Ring says it has no evidence that it has fallen victim to a ransomware attack.

Founded in 2013 and acquired by Amazon in 2018, Ring started with a smart doorbell and later expanded its portfolio with an alarm system and other smart home security products.

On Monday, the cybergang behind the Alphv ransomware added an entry to their leaks site claiming they breached Ring and threatening to release data supposedly stolen from the company.

The entry does not provide details on the amount or type of data that might have been compromised.

“There’s always an option to let us leak your data,” the entry reads.

Responding to a SecurityWeek inquiry, Ring denied falling victim to a ransomware attack.

“We currently have no indications that Ring has experienced a ransomware event,” Ring said.

Also tracked as BlackCat and Noberus and written in the Rust programming language, the Alphv ransomware family was first seen in November 2021, but its operators are likely linked to the previously known cybercrime ring behind the Darkside/Blackmatter ransomware.

Advertisement. Scroll to continue reading.

Operating under the ransomware-as-a-service (RaaS) business model, the group typically harvests and exfiltrates data from the infected systems, and then uses it to pressure victims into paying a ransom.

In July 2022, shortly after creating a dedicated leak site to pressure one of their victims, the group created a searchable database so that employees and customers of victim organizations could search for their potentially compromised data.

In some cases, the group was also seen launching distributed denial-of-service (DDoS) attacks against victims, and harassing their customers, employees, and partners, to further pressure them into paying up. The Alphv ransomware operators have breached over 100 organizations to date.

Related: Ransomware Operator Abuses Anti-Cheat Driver to Disable Antiviruses

Related: Watch Sessions: Ransomware Resilience & Recovery Summit

Related: Ransomware Operators Leak Data Allegedly Stolen From City of Oakland

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

More from

Latest News

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Webinar: Rethinking Endpoint Hardening for Today’s Attack Landscape
On Demand

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Virtual Event: Cloud & Data Security Summit
July 16, 2025

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Cloud security startup Upwind has appointed Rinki Sethi as Chief Security Officer.

SAP security firm SecurityBridge announced the appointment of Roman Schubiger as the company’s new CRO.

Cybersecurity training and simulations provider SimSpace has appointed Peter Lee as Chief Executive Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.