Reddit Hacked: Internal Data Stolen after Phishing Attack

Reddit confirms it was hacked in a phishing attack.


Reddit notified that they have suffered a cyber attack on Sunday evening, which allows hackers to access internal systems and steal internal documents and source codes.

Hackers have used phishing attacks against some of the Reddit employees with a landing page that looks like the company's intranet site. The impersonating site steals the employee's credentials and two-factor authentication tokens.

Hackers gained access to the internal system of Reddit after one of its employees fell victim to the attackers' phishing page which leads attackers to steal data and source code.

"After successfully obtaining a single employee’s credentials, the attacker gained access to some internal docs, code, as well as some internal dashboards and business systems." - Reddit wrote.

Reddit noted that there are no indications of a breach of their primary production systems (the parts of our stack that run Reddit and store the majority of our data).  This hack incident exposure included limited contact information for (currently hundreds of) company contacts and employees (current and former), as well as limited advertiser information. 

After the employee fell victim to the phishing attack, the affected employee self-reported, and the Security team responded quickly, removing the infiltrator’s access and commencing an internal investigation. 

Read Also
Post a Comment