The popular news aggregator website Reddit has revealed that it suffered a data breach between June 14 and 18. While Reddit calls the attack “serious,” it hasn’t disclosed the number of users affected and said no data was altered. The hacker got read-only access to “some systems that contained backup data, source code, and other logs.”
By compromising several employee accounts, the attacker obtained some current email addresses together with logs of the “email digests” Reddit sent between June 3 and June 17, and a complete copy of an old database backup from 2007 containing usernames, salted password hashes, email addresses and all content, including some private messages.
The more important lesson is not that two-factor authentication failed, but that the SMS flavour of it did: the attacker defeated the SMS-based 2FA on the employee accounts by intercepting the SMS codes, and Reddit’s own conclusion was that “SMS-based authentication is not nearly as secure as we would hope.” Reddit has since moved its employees to token-based 2FA, where the one-time code is computed on a device from a secret shared at enrollment and never travels over the phone network.
How to know if you’re affected?
According to Reddit, if you have your email address tied to your username and you were subscribed to the “email digest” during the mentioned dates, then you are affected. You can also check for emails from [email protected] between June 3 and June 17.
Accounts created after 2007 are not in the old backup, although their owners may still be affected through the email-digest logs. Where the leaked credentials may still be valid, Reddit is notifying the users concerned and resetting their passwords. Users can visit this help page to remove any associated data they consider important.
If an affected user has reused that decade-old password anywhere else, they should change it there right away: a 2007-era salted hash offers limited protection against offline cracking, so the password should be treated as known to the attacker.