On Thursday, Reddit made the announcement that on February 5, 2023, the platform fell victim to an advanced phishing scam. The news was shared on the website. The firm said that the attackers targeted its workers by delivering plausible-sounding prompts through a website that appeared just like Reddit’s intranet gateway. This was done in order to trick employees into providing sensitive information. The credentials and second-factor tokens of the target were supposed to be stolen in the course of this attack.
According to Reddit, a number of workers were targeted by malicious emails that were sent via a phishing website. Because one of the workers gave their login information on this cloned website, the perpetrator or perpetrators were able to get into Reddit and steal data. Reddit claims that its core production system, which is where it keeps the majority of its data, was not compromised in any way.
Reddit started an inquiry into the event when an employee who was impacted by the attack told the Security team about it. The Security team subsequently learnt about the attack. The response that the corporation gave to the occurrence was to cut off the intruder’s access to the system.
The Chief Technology Officer of Reddit, Christopher Slowe, said in a blog post that the hacker had access to Reddit’s internal papers, dashboards, and business systems. The exposed data consists of limited contact information for firm contacts, which number in the hundreds at the moment, as well as data pertaining to current and past workers. Reddit has pointed out that some limited advertisement information has been made public.
However, the business has reassured users on Reddit that their data is safe and that it was not compromised in any way by the recent incident. According to the representative for the firm, “Based on the findings of our investigation thus far, the passwords and accounts of Reddit user are secure.”
They added that after many days of research by security, engineering, and data science (and friends), the business had not discovered any proof that its customers’ private data had been accessed or that Reddit’s data had been posted or disseminated online.
Despite this, Reddit strongly advises its community members to convert to a two-factor authentication method. In addition, Slowe held an Ask Me Anything session to respond to questions about the event and clarified that the worker who had self-reported the incident had not been terminated but had instead been assigned to different department.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.