Chat and news aggregation site Reddit has reported that it was the target of a successful phishing attack on 5 February.
Investigations are ongoing, but so far, Reddit reports that “limited contact information” of hundreds of employees has been accessed. Reddit has not offered details but has assured users in a post in r/reddit that no non-public data has been accessed, nor have any passwords or similar data.
The phishing attack led an employee to a site that mimicked Reddit’s own intranet gateway, which allowed the person behind the phishing attack to access that employee’s credentials. They were then able to access some internal files and dashboards, as well as some “internal business systems”.
However, it looks like no primary systems were accessed, nor any part of the stacks that actually run Reddit or where most of the company’s data is stored.
So far, none of the data that was accessed has been posted online, either.
One of the possible reasons the breach was not more of a problem is that the employee who was phished realised what had happened, and reported the attack right away. This allowed Reddit’s security team to curtail access to its systems and begin looking into what had happened.
“We’re continuing to investigate and monitor the situation closely and working with our employees to fortify our security skills,” a spokesperson said in a post.
“As we all know, the human is often the weakest part of the security chain.”
Reddit is continuing to monitor the incident and has suggested all its users enable two-factor authentication on their accounts.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.