Reddit hit by phishing attack but user data unaffected


The breach was due to a phishing campaign targeted at Reddit employees. — Dreamstime/TNS

SINGAPORE: Popular social media platform Reddit was hit by a phishing attack on Feb 5 that saw hackers gain access to internal documents and code, but no user data was compromised.

The exposed data included the “limited” contact information of hundreds of “company contacts” and Reddit employees, as well as some advertiser information, said a Reddit spokesman in a thread posted on the platform’s official subreddit last Friday (Feb 10).

He said that the breach was due to a phishing campaign targeted at Reddit employees, directing them to a website that impersonated its intranet site.

This site attempted to steal employees’ credentials and two-factor authentication (2FA) tokens.

“After successfully obtaining a single employee’s credentials, the attacker gained access to some internal documents, code, as well as some internal dashboards and business systems,” he added.

Preliminary investigations showed that the exposed data was not being distributed online. So far, there had been no indication that the production systems used to run the website had been breached, said the spokesman.

Although users were unaffected by the breach, the spokesman recommended that they set up 2FA to better secure their accounts.

He also recommended that users update their passwords every few months, and use a password manager. A password manager is a software application that stores and manages online credentials. – The Straits Times (Singapore)/Asia News Network

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
   

Next In Tech News

The sky's the limit for Bluesky
Two decades of Nintendo's top-selling DS console
ChatGPT's Advanced Voice Mode is coming to web browsers
Elon Musk blasts Australia's planned ban on social media for children
Bitcoin's wild ride toward $100,000
OpenAI considers taking on Google with browser, the Information reports
One tech tip: How to get started with Bluesky
FCC proposes fining Chinese video doorbell manufacturer after security concerns raised
Snap seeks to dismiss New Mexico lawsuit over child safety
Crypto industry jockeys for seats at Trump's promised council

Others Also Read