Reddit confirmed that it was hacked as a result of a phishing campaign that attacked its internal systems, after some of its employees fell for the deception and gave access, affecting documents and the code of the platform.
The application assured that the attack was “sophisticated and highly targeted”, that user data is safe and that there is no indication of a breach in the primary production systems, which is where the data of the company is stored. social network and the data structure that allows its operation.
“Based on our investigation so far, Reddit users’ passwords and accounts are secure, but on Sunday night (target time), Reddit’s systems were hacked as a result of a sophisticated and highly targeted phishing attack. They gained access to some internal documents, code and some internal business systems,” the company said.
It may interest you: Five cybercrime practices that can grow with artificial intelligence
However, the platform warned that the attackers were able to obtain “limited contact information” of the employees and other contacts of some advertisers, but there is no indication that this information is private or in the public domain.
“We have no evidence to suggest that any of your non-public data has been accessed, or that information from Reddit has been published or distributed online,” the company said in a statement.
The way in which the attack was carried out was through the disclosure of a false website to the employees, for which one of the workers fell for the phishing campaign, accessing the page and giving his credentials that were later used. the cybercriminal to carry out his attack, which occurred on February 5.
Although user data was not compromised, Reddit He suggested everyone turn on two-factor verification processes and change their passwords, which they recommend doing every couple of months, or use a key manager to add more protection.
It may interest you: Bloatware, a mobile problem that everyone should know about
The history of 2018 repeats itself
This is not the first time that Reddit something similar happens to him, almost five years ago a security breach compromised the data of the users, after intercepting the SMS messages confirmation, compromising employee accounts, and bypassing various authentication factors.
The information that the attackers had on that occasion was user data extracted from a backup of the platform between 2005 and 2007, which included account names, emails, encrypted passwords and content of those registered in that epoch.
It may interest you: Xiaomi, OnePlus and Realme would be spying on their users
But they also took control of digests of emails sent by Reddit between June 3 and June 17, 2018, which contain user account names and email addresses, as well as content suggested for these people by subreddits to which they were sent. that they are subscribed to.
After notifying the attack, the social network confirmed that it had it under control and that it had strengthened security through registration and monitoring systems. In addition, to strengthen the rotation of the API keys, which were required to authenticate the user when entering the servers.
A much more complicated context than the recent attack, which occurred through phishing.
It may interest you: Cybersecurity: how the solution created to prevent the leakage of confidential information works