Reddit Hack Exposes Users’ Emails, Passwords, and Messages

Reddit Hacked

Popular social news and discussion website Reddit fell victim to a data breach. According to an announcement by Reddit, a hacker broke in and accessed user data including email addresses and a database containing passwords. The site is currently investigating the incident to ascertain the extent of the hack. Reddit users are encouraged to check if they were affected and take the necessary steps to secure their accounts.

Reddit determined a breach had occurred June 19 between June 14 and June 18. The attacker compromised some employee accounts by intercepting SMS messages used for two-factor authentication. This granted privileged access to Reddit’s systems containing backup data, source code and logs. Since the perpetrator had read-only access, no modifications were made to the systems.

The information accessed includes a 2007 backup database containing usernames, encrypted passwords, email addresses, and messages. If you registered with Reddit during or before 2007, your credentials might be at risk. The attacker also accessed logs containing email digest sent between June 3 and June 17, 2018. These logs include the email addresses associated with users’ Reddit account. This means that if a user’s email address is linked to their Reddit account, said email address might have been compromised.

Reddit is still investigating the breach to determine what data the attacker accessed. The site is contacting users whose credentials might have been affected. Steps are also being taken to make the sites access points more secure such as improving encryption, enhanced logging and switching to token-based two-factor authentication. Relevant law enforcement authorities have also been notified and are participating in the investigation.

Follow Reactionary Times on WordPress.com

Trackbacks

  1. […] security breach that occurred on Reddit happened due to phone numbers being used as part of the 2FA process. A safer method for 2FA is to […]

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: