The cybergang known as ALPHV/Blackcat is claiming it has accessed data from Amazon’s home security business, Ring.
The company makes doorbells and home cameras which are extremely popular globally.
According to Vice’s Motherboard, the attackers are threatening to release Ring’s data, and have posted about the hack on their website.
“There's always an option to let us leak your data,” a message posted on the ransomware group’s blog reads next to Ring’s logo.
Motherboard says it has also verified a listing on the attacker’s “data dump site” naming Ring is currently on the website.
The publication also reports that a person on an internal Amazon Slack channel has told colleagues: “Do not discuss anything about this. The right security teams are engaged.”
According to the Australian Cyber Security Centre, the group offers a ransomware-as-a-service and uses its software (Blackcat) to restrict access to corporate files and systems by encrypting, forcing the users to pay the offenders.
1News has asked Amazon for comment on the story.
CERT has also been contacted for advice to consumers who own Ring devices.
Advice for customers
Jordan Heersping, Manager of Incident Response at CERT said because reports of a breach haven't been verified yet, it's not clear what data or systems could potentially be affected.
"Depending on what exactly has occurred it's unlikely that turning off your device will help."
However, Jordan said there are some basic steps people can take in the meantime.
"The best advice is to update your passwords and turn on multi-factor authentication (MFA), and ensure your privacy settings are locked down and your devices are updated to the latest software. Be aware that you may get more phishing attacks if the breach does turn out to be legitimate.
He also said that people should be keeping across their account details, and ensuring their devices are getting any updates directly from Ring (Amazon).
SHARE ME