Reddit recently announced a security breach on its site, revealing that a malicious actor could gain access to its internal servers through a phishing campaign.
Reddit security breach
On February 5, 2023, Reddit became aware of a phishing campaign aimed at its employees. The attackers used “plausible sounding prompts” to trick employees into visiting a fake website that appeared to be the company’s intranet gateway. Unfortunately, at least one employee fell for the ruse and entered their login credentials, providing the attacker access to internal documents, code, and some business systems.
Investigations into the incident found no evidence that the attacker accessed Reddit’s primary production systems, which hold most of the site’s data, including user data. So far, there is no indication that any non-public user data, such as email addresses, saved posts, or conversations, has been published or distributed.
Thankfully, the employee who fell for the phishing attack reported the incident to Reddit’s security team soon after it happened. The team promptly changed the account’s status, removing the attacker’s access to Reddit’s systems.
The investigation into the security breach is ongoing, and Reddit has not disclosed any details about the information that the attacker may have obtained.
Change your credentials
Reddit suggests that users enable two-factor authentication to add an extra layer of protection to their accounts. However, it’s important to note that two-factor authentication alone may not provide complete protection against phishing attacks, especially if a user is specifically targeted.
It remains to be seen whether Reddit’s initial assessment of the security breach holds up as the company continues its investigation. In the meantime, users can take steps to protect their accounts, such as enabling two-factor authentication and remaining vigilant against phishing scams. You may also want to change your Reddit password as an added precaution.