Date: 2023-02-12

Reddit is a social news and discussion website. The site consists of thousands of subcommunities, known as “subreddits”. Reddit is also an extremely popular platform for AMA (Ask Me Anything) sessions with celebrities, politicians, and other public figures.

On the 5th of February, a complex and highly targeted phishing attack compromised Reddit systems. The attacker obtained access to internal documents, code, and business systems. Reddit says that no accounts or passwords were affected. In an attempt to acquire passwords and second-factor tokens, the attacker sent out plausible-sounding instructions directing employees to a website that mimicked the behavior of Reddit’s intranet gateway.

What happened?

After a single employee fell for the phishing attack, the attacker obtained access to some internal docs and code, as well as some internal dashboards and business systems. The exposed data included contact information for company contacts and for current and former employees, as well as advertiser information. Reddit has conducted a thorough preliminary investigation over several days and found no indication that any customers’ private information has been accessed, or that Reddit’s data has been posted online.

The impacted employee immediately reported that they had been phished, and the security team responded at once by blocking the intruder’s access and starting an internal inquiry. Reddit reports that it is continuing its investigation.