Hacker accessed 2007 backup of Reddit in June 2018 breach

Reddit became aware of the breach on June 19th, 2018

Popular content aggregation platform Reddit was the subject of a database breach back in June 2018.

According to an August 1st, 2018 announcement posted by Reddit CTO and founding engineer Christopher Slowe under his KeyserSosa username, a hacker breached Reddit’s systems and accessed current email addresses as well as a 2007 database backup containing old salted and hashed passwords.

The backup reportedly contained early user data, including information from Reddit’s launch in 2005 until May 2007.

“In Reddit’s first years it had many fewer features, so the most significant data contained in this backup are account credentials (username + salted hashed passwords), email addresses, and all content (mostly public, but also private messages) from way back then,” wrote Slowe, in his August 1st post.

The hacker was able to access Reddit’s internal systems between June 14th and June 18th, 2018, by compromising the accounts of some Reddit employees.

According to Slowe, the main attack was conducted by intercepting a two-factor authentication code sent through SMS.

Slowe added that Reddit was made aware of the breach on June 19th, 2018, and has since been working alongside cloud and source code hosting providers to learn more about the attack.

Reddit is also in contact with U.S. law enforcement entities and is cooperating with an investigation.

“Although this was a serious attack, the attacker did not gain write access to Reddit systems; they gained read-only access to some systems that contained backup data, source code and other logs,” said Slowe.

“They were not able to alter Reddit information, and we have taken steps since the event to further lock down and rotate all production secrets and API keys, and to enhance our logging and monitoring systems.”

The website is currently in the process of informing affected users. Slowe recommended that users change their passwords and utilize a token-based two-factor authentication system.

“If you signed up for Reddit after 2007, you’re clear here,” said Slowe.

“Whether or not Reddit prompts you to change your password, think about whether you still use the password you used on Reddit 11 years ago on any other sites today.”

Source: Reddit