Reddit, the social aggregation and discussion site, confirmed that a security breach affected its systems on February 5. Often called the “front page of the internet”, the company disclosed that it was the victim of a, “sophisticated and highly-targeted phishing attack.”
A phishing attack is a form of social engineering, where attackers deceive the intended target, into revealing sensitive information.
This is usually done by getting the victim to click on fake emails, or getting them to navigate to insecure sites, where their activity can be monitored.
Reddit said that the phishing attack, targeted its employees, and deceived them into visiting a clone of the website’s intranet gateway, and getting them to input their credentials.
“After successfully obtaining a single employee’s credentials, the attacker gained access to some internal docs, code, as well as some internal dashboards and business systems,” wrote Reddit.
“We show no indications of breach of our primary production systems (the parts of our stack that run Reddit and store the majority of our data),” it added in the statement.
Also Read | AI for weather forecasting: How Google and DeepMind researchers approach the problem
The website reiterated that user accounts and credentials were safe, and asked users to turn on two-factor authentication, if they haven’t done it already.
Reddit said that, “limited contact information for (currently hundreds of) company contacts and employees (current and former), as well as limited advertiser information,” was accessed during the breach.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
