Reddit was hacked with a phishing attack. No user information has been compromised.
A Reddit employee’s credentials were stolen in a targeted phishing attack, one of the site’s administrators reported, and on February 5, hackers were able to break into systems. From the looks of it, Reddit employees received “pretty believable invitations”that led to a site that copied the design and behavior of the intranet, but designed and created two-factor authentication identifiers and tokens. The employee, although he fell into a trap, immediately notified the relevant services about this. After that, the site’s security service was able to quickly respond and block access.
Reddit hacked with phishing attack
A Reddit spokesperson stated that these hackers were able to gain access to some “internal documents, code, as well as some internal control panels and other systems for operations.”Contact information for hundreds of companies, current and former employees, and even some advertisers was also revealed. However, the platform wants to reassure users, the security team has conducted an investigation, there is no evidence that passwords or any personal data could have been compromised. At present, the team has also found no trace of this data spreading on the Internet.
User information has not been compromised
However, according to the same spokesman, the company is “continuing to investigate and is closely monitoring the situation.”He recalls that the lessons learned from the security breach 5 years ago are very useful today. If the attackers were only able to obtain non-user information, that’s most likely because the 2018 hack was a much more serious incident. At the time, the hackers were able to recover the users’ email addresses, as well as a 2007 backup of the password database.