Reddit suffers ‘sophisticated and highly targeted’ phishing attack, exposing source code
Reddit, the popular discussion website with 50 million daily users, said hackers gained access to the company’s source code as well as limited contact information for hundreds of current and former employees.
The incident began when unidentified attackers managed to steal employee credentials through a phishing website masquerading as Reddit’s intranet portal. After obtaining the credentials of one employee, the hackers gained access to some of the company’s internal documents and code, as well as some internal dashboards and business systems.
User passwords and Reddit’s production systems were not compromised, the company said in a statement on Thursday.
Although the company said it found no evidence that sensitive user data was accessed or accounts were compromised, it is advising its users to set up extra security measures, such as two-factor authentication and password resets.
Reddit's security team said it "immediately" launched an internal investigation last weekend after an employee affected by the phishing attack self-reported the incident. Reddit called it “a sophisticated and highly targeted phishing attack.”
The company had already been in a similar situation, and said that it has learned some lessons since then. In 2018, Reddit suffered a serious data breach when a hacker accessed some user data, including current email addresses and a database backup containing hashed passwords.
“Our goal is to fully understand and prevent future incidents of this nature,” said Reddit CTO Christopher Slowe.
Daryna Antoniuk is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.