Online Community site, Reddit, informed its users that the company’s servers were breached by hackers, who had gained access to user data. The data breach was accomplished by successfully bypassing or circumventing the SMS based authentication on Reddit servers.
The hacker was able to obtain information about some current email addresses and a backup database from 2007 which contained old salted hashed passwords.
The data breach occurred between June 14 and June 18 of which the company learned about on June 19. The attacker was able to compromise a few employee accounts with the company’s cloud and source code hosting providers. The Company has its primary access points for code and infrastructure behind strong authentication that requires two factor authentication (2FA).
The attacker gained read-only access to some of Reddit systems that contained source code, backup data and other logs. This was a serious attack on the Reddit systems and if the attacker had gained write access, the consequences would have been worse.
Reddit informed users that a complete copy of an old database backup which contained early Reddit user data was stolen. This includes everything from the site’s launch in 2005 to May 2007. The Site was in its early stages at that time and the backup database did not have anything of significance other then account credentials with usernames and salted hashed passwords, emails addresses and all the content on the site including all public messages and some private messages.
The Logs containing email digests sent by Reddit from 3 June 2018 to 17 June 2018 were stolen as well. The digests are sent to users on their linked emails addresses with their Reddit accounts. The Digest contained the email itself with the suggested posts was stolen alongside the logs. The Email digest contains the user’s preferences for the latest news stories and posts for which they want to be informed about via email.
Reddit Data Breach affected Reddit Source Code, configuration files, internal logs and employee workspace files were also compromised apart from the significant user data.
Users who have been registered with Reddit since its early days are affected by this security breach. Reddit is sending a message to all the affected users where the credentials are still valid and the users active.
Users subscribed to the email digests are affected by the breach as their information is leaked. Those not subscribed to reddit’s noreply mail are safe.
Reddit has informed the law enforcement agencies about this data breach who are investigating the matter.
Users are being alerted about their credentials if the data stolen contains the current passwords in use, informing users to change their passwords so as to keep their account private.
Reddit has added extra encryptions to its privileged access points to Reddit’s systems and it now requires token based 2FA instead of the outdated SMS 2FA authentication. After this incident Reddit has stopped using SMS 2FA for all purposes and are sticking to authenticator apps for 2FA.
Subscribe to our newsletter today to receive updates on the Latest News and Threats.
The researchers at Virus Removal Guidelines are dedicated to track down the latest vulnerabilities which may infringe your system security. Our team of expert performs a detailed research about every malware infection before educating our users about the same.
Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.