Reddit has confirmed that hackers accessed internal documents and source code following a “highly targeted” phishing attack.
A post by Reddit CTO Christopher Slowe, or KeyserSosa, explained that the company became aware of the “sophisticated” attack targeting Reddit employees on February 5. He says an as-yet-unidentified attacker sent “plausible-sounding prompts” that redirected employees to a website masquerading as Reddit’s intranet portal in an attempt to steal two-factor authentication credentials and tokens.
Slowe said “similar phishing attempts” have been reported recently, without naming specific examples. However, he likened the breach to the recent Riot Games hack, in which attackers used social engineering tactics to access the source code of the company’s legacy anti-cheat system.
Reddit said the hackers successfully obtained the credentials of a single employee, allowing them to gain access to internal documents and source code, as well as some internal dashboards and business systems.
Slowe said the company learned of the breach after the phished employee self-reported the incident to Reddit’s security team, allowing it to quickly cut off the attacker’s access and begin an internal investigation.
Reddit, which has more than 50 million daily users, said its investigation concluded that limited contact information for “hundreds” of current and former employees, as well as information from some advertisers, was also accessed. However, the company says it has “no evidence” to suggest that users’ personal data and other non-public data have been stolen, posted or distributed online.
Regardless, Reddit has recommended that all users set up 2FA on their accounts and use a password manager. “In addition to providing very complicated passwords, they provide an extra layer of security by warning you before you use your password on a phishing site,” Slowe says.
“We continue to investigate and monitor the situation closely and work with our employees to strengthen our security skills,” it added. “As we all know, humans are often the weakest part of the security chain.”
Reddit suffered a more serious data breach in 2018 in which attackers accessed a full copy of Reddit data from 2007, covering the first two years of the site’s operations. This included usernames, encrypted passwords, emails, public posts, and private messages.