Tuesday, June 25, 2024

Reddit confirms security breach but your data is probably safe

Reddit says that an employee was on the receiving end of a phishing attack, but its production systems were not affected by the resulting breach.


Reddit has confirmed that it was on the receiving end of a cyberattack on 5 February 2023, saying that it “became aware of a sophisticated phishing campaign that targeted Reddit employees.” The result was a successful phishing attempt.

Thankfully, it doesn’t sound like Reddit users need to worry too much, and the company says that it doesn’t believe that any of the information accessed has been published online.


Bleeping Computer reported on the attack, which Reddit confirmed via a post to its r/reddit subreddit.

The outfit confirmed that a single employee’s credentials were compromised after “the attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behavior of our intranet gateway.” Reddit’s statement continues, adding that “the attacker gained access to some internal docs, code, as well as some internal dashboards and business system.”

Reddit does say that the attackers were able to access limited contact information for hundreds of company contacts as well as current and former employees. Some advertiser information was also accessed, but it isn’t thought that any information that wasn’t already public has been scraped.

The security issue was self-reported by the affected employee, with Reddit’s security team removing access to its systems and beginning an investigation. Notably, Reddit also says, without naming names, that similar phishing attacks have been reported elsewhere. It’s thought that an attack on Riot Games – of Valorant fame – that saw game source code stolen is one example.

While it isn’t thought that any user data was accessed, Reddit does say that now would be a good time to remind people to set up two-factor authentication on their Reddit accounts. We’d echo that sentiment and extend it to all accounts that support two-factor authentication too.

