Categories: News

Reddit Confirms Phishing Hacking Incident – But Users Probably Need Not Worry!

Phishing is, unfortunately, something all online users should be aware of. – For those of you unfamiliar with the term, this is typically when you receive an email (or some other message) which appears to be from a legitimate source, but is actually some (usually malicious) third-party attempting to fool you into voluntarily giving away highly sensitive information.

As we recently reported, phishing attacks appear to be on the rise, and, as such, people should always be careful, or at least sceptical, about whatever they may receive in their inbox.

Following an official post from Reddit, however, it seems that even they are not immune to this problem as they have just confirmed that a successful phishing attack was made on their platform. The good news for us, however, is that it does not appear that any user information was compromised.

Reddit Confirms Successful Phishing Attack!

As part of the blog post (which you can check out in full here) Reddit has said:

On late (PST) February 5, 2023, we became aware of a sophisticated phishing campaign that targeted Reddit employees. As in most phishing campaigns, the attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behavior of our intranet gateway, in an attempt to steal credentials and second-factor tokens.

After successfully obtaining a single employee’s credentials, the attacker gained access to some internal docs, code, as well as some internal dashboards and business systems. We show no indications of breach of our primary production systems (the parts of our stack that run Reddit and store the majority of our data).

Exposure included limited contact information for (currently hundreds of) company contacts and employees (current and former), as well as limited advertiser information. Based on several days of initial investigation by security, engineering, and data science (and friends!), we have no evidence to suggest that any of your non-public data has been accessed, or that Reddit’s information has been published or distributed online.

What Do We Think?

Well, firstly you have to give that employee a lot of credit for being willing to own their mistake. I mean, let’s be honest, how many of you reading this would’ve just kept quiet and just hoped that nothing came or your mistake? Or, perhaps more likely, hoped that the blame would never specifically be pinned on you? – And hell, even if it was, you could just deny it or throw your hands in the air and go ‘whoops…’.

In all serious though, while clearly a problem for Reddit, the good news for its community is that there are no indications suggesting that any kind of end-user information was compromised. It’s just one of those unfortunate things which, admit it or not, could happen to anyone.

Just remember folks, as we noted above, you get something a bit weird in your inbox, check the source before clicking any kind of link!

What do you think? – Let us know in the comments!

Mike Sanders

Disqus Comments Loading...

Recent Posts

Cyberpunk 2077 Title Update 2.1 Full Patch Notes Look EPIC!

CD Projekt RED has just released the patch notes for the next title update that…

3 hours ago

Blackview Rugged Tablet Active 8,10.36 Inch Android

💖【Newest Portable Rugged tablet】Blackview Active 8 is Blackview's latest Rugged Tablet in 2023. Based on…

6 hours ago

TP-Link Next-Gen Wi-Fi 6 AX3000 Mbps Gigabit Dual Band Wireless Router

Next-Gen Gigabit Wi-Fi 6 Speed—2402 Mbps on 5 GHz and 574 Mbps on 2.4 GHz…

6 hours ago

Beats Solo3 Wireless On-Ear Headphones

High-performance wireless Bluetooth headphones in black Features the Apple W1 chip and Class 1 wireless…

6 hours ago

Apple AirPods (3rd generation) with Lightning Charging Case

Spatial audio with dynamic head tracking places sound all around you Adaptive EQ automatically tunes…

6 hours ago

Echo Show 15 + Remote Full HD

Everything you need at a glance—with a 15.6" full HD (1080p) smart display and Fire…

6 hours ago