Reddit, a popular social news and discussion platform with a daily user base of over 50 million, reported a successful cyber attack on February 9th. The company attributed the breach to a carefully crafted phishing scheme targeting Reddit employees, which gave the attacker access to internal documents, code, dashboards, and business systems. Fortunately, no user passwords or accounts were impacted, and no evidence was found of a breach of Reddit’s primary production systems, which run the platform and store the majority of user data.
The phishing campaign followed a typical pattern, where the attacker sent seemingly trustworthy prompts to employees, leading them to a website imitating Reddit’s intranet gateway, with the intention of stealing credentials and second-factor tokens. Prompt action was taken after one employee self-reported the attack. Limited contact information of current and former employees, as well as advertiser information, was exposed. Reddit assured its users that their non-public data was not accessed or published online.
In response, Reddit recommended that users set up two-factor authentication (2FA) and use a password manager to generate strong passwords; regularly changing passwords, on the other hand, is not necessarily required. A password manager such as 1Password can make creating strong passwords simple.