A “sophisticated and highly-targeted phishing attack” led hackers to access some of Reddit’s internal workings, including documents and code.
The company first became aware of the attack in the evening hours (PST) of February 5th, a post from Reddit CTO Christopher Slowe, under username KeyserSosa, reads. The hacker sent employees prompts to a website that copied the intranet gateway to steal credentials, obtaining one employee’s authorization details.
“We show no indications of breach of our primary production systems (the parts of our stack that run Reddit and store the majority of our data),” Slowe said.
However, the hacker did gain access to some contacts related to company, employees, and advertiser information. An investigation found no evidence hackers accessed non-public user data or that the stolen information was shared online.
Slowe said users should set up two-factor authentication to add an extra security layer. Users can also change their password every couple of months and use a password manager for additional security.
This isn’t the first time Reddit has faced a cybersecurity incident. A 2018 incident lead hackers to obtain some customer information. But Slowe said lessons learned from that incident “have continued to be useful” in the present attack.