The company blamed it on a "sophisticated and highly-targeted phishing attack" that took place on February 5, 2023, targeting its employees.
Having successfully compromised one of the employees, the hackers were able to gain access to the company's internal business systems, steal internal documents and source code. Reddit representatives say that the attackers used a phishing bait and attacked employees, trying to lure them to a landing page that mimicked one of the Reddit intranet sites
Among the stolen data there was also information about the company's contacts and the contact details of some current and former employees. In addition, the stolen data contained some information about advertisers, but bank card information, passwords, and advertising performance metrics were not disclosed.
The company, however, stressed that there is no evidence to suggest that its production systems were breached or that users' non-public data has been compromised. There is no indication (yet
) that the accessed information has been published or distributed online.
Happy days.
Sources:
https://web.archive.org/web/2/https.../reddit-suffers-security-breach-exposing.html
https://xakep.ru/2023/02/10/reddit-hacked/
https://www.darkreading.com/attacks-breaches/reddit-breached-with-stolen-employee-credentials
Having successfully compromised one of the employees, the hackers were able to gain access to the company's internal business systems, steal internal documents and source code. Reddit representatives say that the attackers used a phishing bait and attacked employees, trying to lure them to a landing page that mimicked one of the Reddit intranet sites
Among the stolen data there was also information about the company's contacts and the contact details of some current and former employees. In addition, the stolen data contained some information about advertisers, but bank card information, passwords, and advertising performance metrics were not disclosed.
The company, however, stressed that there is no evidence to suggest that its production systems were breached or that users' non-public data has been compromised. There is no indication (yet
) that the accessed information has been published or distributed online.Happy days.
Sources:
https://web.archive.org/web/2/https.../reddit-suffers-security-breach-exposing.html
https://xakep.ru/2023/02/10/reddit-hacked/
https://www.darkreading.com/attacks-breaches/reddit-breached-with-stolen-employee-credentials
