Photo: Brett Jordan/Unsplash
Bad actors were able to steal a Reddit employee's credentials through a targeted phishing attack, and hackers were able to infiltrate its systems on February 5. According to a spokesperson from the company, they were able to access some of the site's "internal docs, code, as well as some internal dashboards and business systems." Data like contact information for hundreds of company contracts, current and former employees, and some advertisers were also exposed. However, Reddit assures users that the security team investigating the incident hasn't found any evidence so far that the passwords or any other non-public data have been compromised. They haven't found any indication that the stolen information was shared online, at least for now. Reddit said they are "continuing to investigate and monitor the situation closely."
Reddit employees were apparently getting "plausible-sounding prompts" that lead to a website that mimics the look and behaviour of its intranet gateway. It was designed this way so they can steal people's logins and second-factor tokens. An employee, unfortunately, fell for the scheme but immediately self-reported. This allowed Reddit's security team to respond to the situation.