Online discussion forum Reddit has confirmed that it faced a highly targeted phishing attack against its employees on February 5.
“As in most phishing campaigns, the attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behaviour of our intranet gateway, in an attempt to steal credentials and second-factor tokens,” Reddit CTO Christopher Slowe said in a blog post.
After obtaining a single employee’s credentials, the attacker gained access to some internal documents and code, as well as some internal dashboards and business systems.
“We show no indications of breach of our primary production systems (the parts of our stack that run Reddit and store the majority of our data),” Christopher Slowe said.
The exposure included contact information for company contacts and employees (current and former), currently numbering in the hundreds, as well as limited advertiser information.
“We have no evidence to suggest that any of your non-public data has been accessed, or that Reddit’s information has been published or distributed online,” Christopher Slowe wrote in a post.
Reddit aims to investigate and monitor the situation closely and is working with its employees to fortify their security skills. Reddit did not reveal the name of the cybersecurity partner responsible for blocking such phishing attacks.
The most important and simple measure you can take is to set up 2FA (two-factor authentication), which adds an extra layer of security when you access your Reddit account, Reddit said.