{ "id": "eac95ac7-3eb6-43a3-ba60-85eb55014fcb", "created_at": "2026-04-06T00:06:58.532953Z", "updated_at": "2026-04-10T03:29:39.905725Z", "deleted_at": null, "sha1_hash": "d222a479d1ed4df55d49a4227ce8472dd6575613", "title": "Amazon-owned Ring denies ‘ransomware event’ following darknet listing", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 35717, "plain_text": "Amazon-owned Ring denies ‘ransomware event’ following darknet\r\nlisting\r\nBy Alexander Martin\r\nPublished: 2023-03-14 · Archived: 2026-04-05 16:00:31 UTC\r\nThe smart doorbell and security camera company Ring has denied that it suffered a ransomware attack after the\r\ncompany was listed on a prominent ransomware gang’s extortion site.\r\nThe ALPHV ransomware group, also known as BlackCat, added the listing for Ring to its site late on Monday\r\nevening, adding: “There’s always an option to let us leak your data.”\r\nBut a spokesperson for Ring, which is owned by Amazon, told Recorded Future News: \"We currently have no\r\nindications that Ring has experienced a ransomware event.\"\r\nRead more: An ALPHV (BlackCat) representative discusses the group’s plans for a ransomware ‘meta-universe’\r\nIt is not clear what data the gang claims to have accessed.\r\nRing has historically experienced a number of incidents in which hackers were able to access customers’ cameras\r\nafter compromising their credentials, although the company has now updated its security practices.\r\nVice News reported that a person shared a link to their report in an internal Amazon Slack channel with the\r\nstatement: “Do not discuss anything about this. The right security teams are engaged.”\r\nUnder the EU's General Data Protection Regulation (GDPR), companies have 72 hours to confirm a breach of\r\npersonal data to victims after discovering it, or they can face large fines. Such a breach could include losing access\r\nto personal data if it was encrypted, as well as the criminals managing to steal it for extortion purposes.\r\nWhen asked about GDPR, the company spokesperson responded that there were currently \"no indications\" of a\r\nransomware incident.\r\nLast month ALPHV listed just over 6GB of data allegedly stolen from the Munster Technological University in\r\nIreland in an attack which led to all classes being canceled for several days.\r\nThe FBI issued a Flash report regarding the BlackCat/ALPHV ransomware gang in April 2022, warning: “Many\r\nof the developers and money launderers for BlackCat/ALPHV are linked to Darkside/Blackmatter, indicating they\r\nhave extensive networks and experience with ransomware operations.”\r\nSource: https://therecord.media/ring-denies-ransomware-attack-alphv\r\nhttps://therecord.media/ring-denies-ransomware-attack-alphv\r\nPage 1 of 1", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "references": [ "https://therecord.media/ring-denies-ransomware-attack-alphv" ], "report_names": [ "ring-denies-ransomware-attack-alphv" ], "threat_actors": [ { "id": "86ab9be8-ce67-4866-9f66-1df471e9d251", "created_at": "2024-05-29T02:00:03.942487Z", "updated_at": "2026-04-10T02:00:03.641939Z", "deleted_at": null, "main_name": "Alpha Spider", "aliases": [ "ALPHV Ransomware Group" ], "source_name": "MISPGALAXY:Alpha Spider", "tools": [], "source_id": "MISPGALAXY", "reports": null }, { "id": "6e23ce43-e1ab-46e3-9f80-76fccf77682b", "created_at": "2022-10-25T16:07:23.303713Z", "updated_at": "2026-04-10T02:00:04.530417Z", "deleted_at": null, "main_name": "ALPHV", "aliases": [ "ALPHV", "ALPHVM", "Ambitious Scorpius", "BlackCat Gang", "UNC4466" ], "source_name": "ETDA:ALPHV", "tools": [ "ALPHV", "ALPHVM", "BlackCat", "GO Simple Tunnel", "GOST", "Impacket", "LaZagne", "MEGAsync", "Mimikatz", "Munchkin", "Noberus", "PsExec", "Remcom", "RemoteCommandExecution", "WebBrowserPassView" ], "source_id": "ETDA", "reports": null } ], "ts_created_at": 1775434018, "ts_updated_at": 1775791779, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/d222a479d1ed4df55d49a4227ce8472dd6575613.pdf", "text": "https://archive.orkl.eu/d222a479d1ed4df55d49a4227ce8472dd6575613.txt", "img": "https://archive.orkl.eu/d222a479d1ed4df55d49a4227ce8472dd6575613.jpg" } }