Reddit advises users to set up 2FA after confirmed data breach

What happened now? Reddit CTO Christopher Slow posted a post detailing the data breach that targeted the network’s systems. The attackers successfully gained access to business documents and Reddit data, but were unable to gain access to any of the underlying production systems. The post details the nature of the Feb. 5 attack, summarizes Reddit’s response to the intrusion, and suggests steps to set up two-factor authentication measures.

Slowe, also known as Keysersosa in the Reddit community, posted the news of the hack on subreddit r / Reddit Thursday afternoon. According to Slowe, the company was the victim of a sophisticated phishing attack that led to unauthorized user access to some of Reddit’s systems and data. “Based on our investigation, Reddit user passwords and accounts are secure,” Slow added.

The malicious payload was delivered on February 5 as a convincing phishing message directing unsuspecting users to a fake intranet gateway designed to collect user credentials. One employee was deceived by the message, later realized his mistake and reported the incident to the Reddit security team. The security team was able to stop the leak and ensure that critical systems were not damaged, infected, etc.

Despite the intrusion, Slow remains adamant that Reddit user accounts and passwords are safe and intact. According to the report, the data exposed in the hack was limited to the company’s business contacts, personal contacts, and promotional information. Reddit’s security services have not found any evidence that user information has been accessed, published or shared.

He further recommended that users enable two-factor authentication (2FA) to protect their accounts from future attacks. Additional guidelines were also provided, such as changing any access passwords periodically and using a password manager to help users identify domains that may not match.

Slow ended the post by offering Redditors a few hours of “Ask Me Anything” (AMA) time. The well-received session helped to reassure some of Reddit’s 50 million daily users, ensuring full transparency of the incident and Reddit’s subsequent response.

The incident helps highlight the importance of good cyber hygiene, training and awareness in any organization. Data security and intrusion techniques have evolved and will continue to evolve as technology gets better, faster and more accessible. Despite these advances, there will always be a weak link in the security chain that leaves systems and data vulnerable to attackers. In most cases, this connection can be found between the keyboard and the chair.