Reddit Announces Security Breach After Phishing

Reddit had a security incident last Sunday afternoon that allowed hackers to gain access to some sensitive data on the platform.

reddit banner

According to Reddit, the attack was carried out through a "sophisticated phishing campaign" where hackers created a fake but well-crafted website page on its intranet. This particular page was used to steal employee login credentials and two-factor authentication codes.

An employee eventually fell for the phishing trap, which allowed the hackers to penetrate internal Reddit documents and some internal dashboards and business systems. However, the company claims there was no evidence that the primary production systems were compromised.

Reddit reports that the employee who fell for the phishing trap self-reported the issue to the company's security team. The team responded by immediately removing the attacker's access and launching an internal investigation.

"The data exposure included limited contact information for (currently hundreds of) company contacts and employees (current and former), as well as limited advertiser information," Reddit said in its post.

"Based on the initial investigation by the security team and friends, we have no evidence to suggest that any of your non-public data has been accessed or that Reddit information has been published or distributed online."

iGuRu.gr The Best Technology Site in Greecegns

every publication, directly to your inbox

Join the 2.111 registrants.
reddit, hackers, security breach

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).