A “highly-targeted” phishing attack led to the access of internal documents and source code, according to Reddit.
Reddit’s chief technology officer, Christopher Slowe, also known as KeyserSosa, stated in a post that on February 5, the company learned about the “sophisticated” attack aimed at Reddit staff members. According to him, an attacker who has not been identified sent “plausible-sounding prompts” that led staff members to a website pretending to be Reddit’s intranet portal in an effort to steal login information and two-factor authentication tokens.
Slowe compared the breach to the recent Riot Games hack, which saw attackers use social engineering techniques to access source code for the company’s legacy anti-cheat system. Slowe did not provide any specific examples, but claimed that “similar phishing attempts” have recently been reported.
According to Reddit, hackers were successful in obtaining an employee’s login information, which gave them access to some internal dashboards, business systems, and source code for internal documents and documents.
After the phished employee self-reported the incident to Reddit’s security team, according to Slowe, the company discovered the breach. Reddit swiftly disabled the hackers’ access and launched an internal investigation.
Reddit, which boasts a daily user base of more than 50 million, reported that its investigation revealed that some contact details for hundreds of current and former employees, as well as some advertiser information, were also accessed. Reddit stated that it has “no evidence” that user information, including personal information, has been taken, leaked, or distributed online.
Reddit has nonetheless advised all users to use a password manager and enable two-factor authentication on their accounts. In addition to offering excellent complex passwords, Slowe claims that these services also add an extra layer of security by alerting you before you enter your password on a phishing website.
He continued, “We’re strengthening our security capabilities with our employees and continuing to investigate and monitor the situation closely.” Humans are frequently the weakest link in the security chain, as we all know.
In 2018, Reddit suffered a more significant data breach in which hackers gained access to a complete copy of Reddit data from 2007, which includes the first two years of the site’s existence. Usernames, hashed passwords, emails, public posts, and private messages were all included.