Reddit has confirmed that it recently suffered what appeared to be a fairly serious cyberattack, in which attackers got away with sensitive company data.
in one safety notice (opens in new tab)Reddit described the incident as a “sophisticated and highly targeted phishing attack.”
The company found that the attackers specifically targeted Reddit and created a fake intranet site, which was actually nothing more than a phishing landing page designed to steal credentials and multi-factor authentication (MFA) Stealing tokens from Reddit employees. It seems that no malware (opens in new tab) was used.
Internal documents accessed
After an unknown number of employees were targeted, one fell for the trick and gave the attackers access to internal Reddit systems. There they accessed sensitive data and Reddit source code.
“After successfully obtaining a single employee’s credentials, the attacker gained access to some internal documents, code, and some internal dashboards and business systems,” Reddit explained in the announcement.
“We show no evidence of a breach in our primary production systems (the parts of our stack that run Reddit and store the bulk of our data).”
The announcement also suggested that users shouldn’t worry too much about their accounts: “Based on our research to date, Reddit users’ passwords and accounts are safe,” it said.
Reddit said it was made aware of the cyberattack by the victim themselves, who reported it to the company’s security team, it added. Further investigation has revealed, BleepingComputer reports, that among the stolen data are contact information of company contacts as well as contact information of current and former employees.
In addition, the crooks also took data about company advertisers.
Reddit remains operational and the cyber attack has not affected its performance in any way, the company concludes. It also said it found no evidence that the attackers were able to breach production systems used to run the website.
Above: Beeping computer (opens in new tab)
