Ring, a home security and smart home company owned by Amazon, has reportedly suffered a ransomware attack by Russia-linked ALPHV group, according to a tweet by VX-Underground.

The ALPHV ransomware group, also known as BlackCat, has posted the company’s logo on its website along with a message that reads, “There’s always an option to let us leak your data.” The group has threatened to leak the stolen data if the company refuses to pay the ransom.

It is unclear what data has been stolen or what ransom has been demanded, but the potential implications for customers could be severe. As a provider of home security and smart home systems, Ring may have compromised customers’ recorded footage or personal information, such as credit card numbers, mailing addresses, phone numbers, names, and passwords.

The tweet along with a screenshot of the ALPHV website was posted on Tuesday morning, but Ring or Amazon are yet to confirm the attack.

Security and privacy concerns with Ring

This is not the first time that Ring has faced a cyberattack or an attempted hack. In December 2019, hackers created a dedicated software that could be used to break into Ring security cameras.

At the time, Ring said that there was no breach or compromise of its security. The company, however, advised customers to enable two-factor authentication on their Ring account, add Shared Users (instead of sharing login credentials), use strong passwords, and regularly change their passwords as precautionary methods.

Ring also fell into a privacy controversy recently when a business owner in Ohio received a notice from the company stating that it had received a warrant, signed by a local judge. The notice informed him he was obligated to send footage from more than 20 cameras — whether or not he was willing to share it himself.  

Ring has an app called Neighbors, where users can upload clips that can act as a virtual neighborhood watch. The company has nearly 2,350 police departments on its Neighbors network through which they can request video footage from users in specific areas.

ALPHV becomes more active

ALPHV was the second most active ransomware in 2022, according to Malwarebytes. ALPHV was the first ransomware to be coded in Rust programing language. Last month, the ransomware group listed over 6GB of data allegedly stolen from the Munster Technological University in Ireland on its website. 

The Lehigh Valley Health Network disclosed on February 20 that it had been attacked by the ALPHV ransomware gang and stated that it would not pay a ransom. The gang had posted nude pictures of cancer patients on its site. The pictures were clinical images used as part of radiotherapy.

• Ransomware