The CTO says the data theft was the result of "a highly targeted" phishing attack. Maybe they got Huffman himself with promises of a deal on a survival bunker-ready penis enlargement device....
The CTO says the data theft was the result of "a highly targeted" phishing attack. Maybe they got Huffman himself with promises of a deal on a survival bunker-ready penis enlargement device.
Seriously though, the answer is "nothing." The demand is clearly nonsense. Even if they got credit card info from premium subscribers, there's no guarantee the blackmailers don't have copies of the data and won't just release it down the road when Reddit Inc inevitably makes another unpopular move with the platform. Paying out and reversing course is essentially ceding control of a billion+-dollar company to idiots who got lucky with social engineering. There's zero chance of that happening, especially when history shows that consumers don't really hold corporations accountable for lax data security.
Paying the ransom doesn't even guarantee they'll keep their word, and there's no indication that they alone holds the data. You take your loss, do a proper post-mortem so that it doesn't happen again.
Paying the ransom doesn't even guarantee they'll keep their word, and there's no indication that they alone holds the data. You take your loss, do a proper post-mortem so that it doesn't happen again.
We all know the demands are fake, so why not just do it? Unless they don't have anything. Meh.
The CTO says the data theft was the result of "a highly targeted" phishing attack. Maybe they got Huffman himself with promises of a deal on a survival bunker-ready penis enlargement device.
Seriously though, the answer is "nothing." The demand is clearly nonsense. Even if they got credit card info from premium subscribers, there's no guarantee the blackmailers don't have copies of the data and won't just release it down the road when Reddit Inc inevitably makes another unpopular move with the platform. Paying out and reversing course is essentially ceding control of a billion+-dollar company to idiots who got lucky with social engineering. There's zero chance of that happening, especially when history shows that consumers don't really hold corporations accountable for lax data security.
What do you even do in that situation
Paying the ransom doesn't even guarantee they'll keep their word, and there's no indication that they alone holds the data. You take your loss, do a proper post-mortem so that it doesn't happen again.