Reddit Warns Users of Data Breach

  /     /     /  
Publicated : 23/11/2024   Category : security


Reddit Warns Users of Data Breach


An attacker broke into Reddit systems and accessed user data, email addresses, and a database of hashed passwords from 2007.



If you havent changed your Reddit password since 2007, now would be a good time.
Reddit today disclosed a security incident discovered on June 19, 2018. The company reports that between June 14 and 18, 2018, an attacker compromised employee accounts held with its cloud and source code hosting providers. It reports two-factor authentication was in place.
Already having our primary access points for code and infrastructure behind strong authentication requiring two factor authentication (2FA), we learned that SMS-based authentication is not nearly as secure as we would hope, and the main attack was via SMS intercept, Reddit reports in a blog post, encouraging token-based 2FA.
The attacker did not gain write access to Reddit systems, the report continues, but did manage to infiltrate two key areas of user data: all Reddit data from 2007 and before, including account credentials and email addresses, as well as email digests Reddit sent in June 2018.
Because the attacker also had read access to Reddits storage systems, he or she could reach other data including Reddit source code, internal logs, configuration files, and other employee workspace files. Reddit has reported the breach to law enforcement and is alerting affected users to change their passwords, whether or not theyre currently using the site.
Read more details
here
.
 
 
 
Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the
conference
 and
to register.

Last News

▸ New threat discovered: Mobile phone ownership compromised. ◂
Discovered: 23/12/2024
Category: security

▸ Some DLP Products Vulnerable to Security Holes ◂
Discovered: 23/12/2024
Category: security

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Reddit Warns Users of Data Breach