Home Technology Reddit says hackers gained access to internal data after employee phishing attack • businessroundups.org

Reddit says hackers gained access to internal data after employee phishing attack • businessroundups.org

by Ana Lopez
0 comment

Reddit has confirmed that hackers gained access to internal documents and source code after a “highly targeted” phishing attack.

a posted by Reddit CTO Christopher Sloweor KeyserSosa, explained that the company became aware of the “sophisticated” attack on Reddit employees on Feb. 5. portal in an attempt to steal credentials and two-factor authentication tokens.

Slowe said “similar phishing attempts” have been reported recently, without citing specific examples. However, he compared the breach to the recent Riot Games hack, in which attackers used social engineering tactics to gain access to the source code for the company’s old anti-heat system.

Reddit said hackers successfully obtained a single employee’s credentials, giving them access to internal documents and source code, as well as some internal dashboards and company systems.

Slowe said the company learned of the breach after the phishing operative himself reported the incident to Reddit’s security team, prompting it to quickly cut off the infiltrators and launch an internal investigation.

Reddit, which has more than 50 million daily uses, said the investigation concluded that limited contact information of “hundreds” of current and former employees was also accessed, as well as certain advertiser information. However, the company says it has “no evidence” to suggest that user personal data and other non-public data have been stolen, published or distributed online.

Anyway, Reddit has recommended that all users set up 2FA on their accounts and use a password manager. “In addition to great complicated passwords, they provide an extra layer of security by warning you before using your password on a phishing site,” says Slowe.

“We continue to investigate and closely monitor the situation and are working with our employees to strengthen our security skills,” he added. “As we all know, people are often the weakest part of the security chain.”

Reddit suffered a more serious data breach in 2018 where attackers gained access to a full copy of 2007 Reddit data, comprising the first two years of the site’s operations. This includes usernames, hashed passwords, emails, public messages, and private messages.

You may also like

About Us

Latest Articles