Reddit announced that its systems were breached in mid-June 2018. The company says that the email addresses of most of the service's users have been intercepted, as well as some of the passwords from an old copy. security data 11 years ago.
According to Reddit, the hack took place between June 14 and June 18, when a hacker managed to compromise the accounts of several employees who were using two-factor authentication (2FA) via SMS.
The attacker managed to gain access to old forgotten salted passwords from a backup of the 2007 database and the current Reddit user emails.
Reddit confirmed that the email addresses found in the hands of the hacker were through some files logs stored on its servers between June 3 and 17, 2018.
The company also reports that the hacker managed to steal Reddit's source code, internal archives logs and configuration files.
Read the official announcement, and change passwords immediately.
______________________________
- Mark Zuckerberg: Two users have leaked data from 2,2
- OpenPGP SigSpoof vulnerability to popular email applications
- FlightSimLabs Greek seizes passwords from pirates
- PassProtect: Addon alerts you to insecure passwords
- The Have I Been Sold service informs you if your email has been sold