In a recent incident earlier this month Reddit systems were hacked. The Reddit hacker was able to gain access to some current email addresses and a database backup from 2007 that contained account passwords. The users have been assured by Reddit that the attackers have not able to gain write permission to any system and hence were successful in altering any information. After this incident, Reddit has locked all production systems and API keys and enhanced their monitoring system and logs.
Reddit explained that all company data, ever since it launched back in 2005 to 2007 was compromised which includes account credentials and email addresses. This was accomplished by intercepting Reddit’s SMS-based authentication system. According to Reddit, all public messages between 2005 and 2007 were grabbed, along with a few private conversations. Reddit also assured that in case you are one of the victims of this attack, you’ll get a message from Reddit and the company will reset your password on still-valid accounts.
The Reddit hacker, on the other hand, was also able to access the logs containing email digests Reddit sent out between June 3rd and June 17th of this year. Users who have received an email from [email protected] between those dates are the only ones affected by the hack.
The hacking incident has been reported to the law enforcement agency by Reddit, who are carrying the investigations. The company has become alter after the incident, taken measures to further secure its systems. These measures include the requirement of token-based two-factor authentication (2FA) while accessing sensitive systems. Reddit has requested all its users to reset their passwords, make them more secure and strong and also enable 2FA via an authenticator app irrespective of being hacked or not.
Also Read: IFA 2018 – What Should We Except?