Categories: Data Breach

Reddit Data Breach – Hackers Stolen Users’ Email Address and Credentials

Reddit announced today as it suffered a data breach in June, hackers compromised the (2FA) enabled employees’ accounts and gained read access to the Reddit systems.

Reddit CTO Chris Slowe says “between June 14 and June 18, an attacker compromised a few of our employees’ accounts with our cloud and source code hosting providers.”

From this attack it shows the SMS-based authentication is not enough as the attacker’s intercept the SMS messages, if you have not moved to token-based 2FA it’s a wake-up call.

“They were not able to alter Reddit information, and we have taken steps since the event to further lock down and rotate all production secrets and API keys, and to enhance our logging and monitoring systems.”

Email Address and credentials Accessed – Reddit Data Breach

Hackers accessed an old database backup copy that contains Reddit’s user data such as the Email address, username, salted hashed passwords and all content (mostly public, but also private messages) from way back then.

Reddit CTO Chris Slowe says the database is very old one from 2005 through May 2007 and Reddit started sending a message to affected users and resetting passwords on accounts where the credentials might still be valid.

The hack attack took place between June 14 and June 18 and Reddit reads the attack On June 19 and Reddit confirms the attackers gained read-only access. If you have signed up to Reddit after 2007 there is nothing to worry about.

As the attacker had read access to our storage systems, other data was accessed such as Reddit source code, internal logs, configuration files and other employee workspace files, but these two areas are the most significant categories of user data.

Also Read

157 GB of Sensitive Data From Top Manufacturer Including Ford, Toyota, GM, Tesla Exposed Online.

Massive Data Breach – Hackers Stolen More than 1.5 Million Patients Personal Details.

Thousands of US Voters Personal Data Leaked Online Again.

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Apple Fined $162 Million by France Authorities for Mobile Ad Market Domination

French antitrust regulators have imposed a hefty fine of €150 million ($162.4 million) on tech…

9 minutes ago

20,000 WordPress Sites at Risk of File Upload & Deletion Exploits

A critical security alert has been issued to WordPress site administrators following the discovery of…

27 minutes ago

Prince Ransomware – An Automated Open-Source Ransomware Builder Freely Available on GitHub

The cybersecurity landscape has witnessed a concerning development with the emergence of "Prince Ransomware," an…

31 minutes ago

QR Code Phishing (Quishing) Attack Your Smartphones To Steal Microsoft Accounts Credentials

Cybersecurity researchers have identified a growing trend in phishing attacks leveraging QR codes, a tactic…

33 minutes ago

North Korea IT Workers Expand Their Employment Across Europe To Infiltrate the Company Networks

North Korean IT workers have intensified their global operations, expanding their employment footprint across Europe…

1 hour ago

Hackers Hijack Telegram Accounts via Default Voicemail Passwords

The Israeli Internet Association has issued a public warning about a surge in cyberattacks targeting…

2 hours ago