Reddit, the popular social news and discussion platform, suffered a security breach on Sunday night (PST). Based on the investigation so far, Reddit user passwords and accounts are safe. However, the attacker gained access to some internal documents, code, and internal business systems as a result of a sophisticated and highly targeted phishing attack.
How the Attack Happened
On February 5, 2023, Reddit became aware of a phishing campaign that targeted its employees. The attacker sent out plausible-looking prompts directing employees to a website that replicated the behavior of the company’s intranet gateway, in an attempt to steal credentials and second-factor tokens.
After successfully obtaining a single employee’s credentials, the attacker gained access to some internal documents, code, and internal dashboards and business systems. Reddit reports no indications of a breach in its primary production systems, which run the platform and store the majority of its data.
Exposure Details
The exposure included limited contact information for hundreds of current and former company contacts and employees, as well as limited advertiser information. However, the company says it has no evidence to suggest that any non-public data has been accessed or that Reddit’s information has been published or distributed online.
Response to the Attack
The affected employee self-reported the phishing attack, and the Reddit Security team responded quickly by removing the attacker’s access and launching an internal investigation. The company is continuing to investigate the situation closely and is working with its employees to enhance their security skills.
Protecting User Accounts
Reddit is using this opportunity to remind its users of the importance of protecting their accounts. The most important measure users can take is to enable two-factor authentication (2FA), which adds an extra layer of security when accessing the account. The company also recommends updating passwords every couple of months, making sure they are strong and unique for greater protection.
Using a password manager is also recommended, as it provides complex passwords and an extra layer of security by warning users before they use their password on a phishing site.
In conclusion, Reddit’s investigation into the security breach is ongoing, and the company is doing its best to keep its users informed and protected. The Reddit team will be available for a few hours to answer questions.