This fourth dimension the victim is Reddit... seems someone is actually pissed off amongst Reddit's describe of piece of occupation concern human relationship ban policy or bias moderators.
Reddit social media network today announced that it suffered a safety breach inward June that exposed about of its users' data, including their electrical flow electronic mail addresses together with an onetime 2007 database backup containing usernames together with hashed passwords.
According to Reddit, the unknown hacker(s) managed to gain read-only access to about of its systems that contained its users' backup data, source code, internal logs, together with other files.
In a post published to the platform Wednesday, Reddit Chief Technology Officer Christopher Slowe admitted that the hack was a serious one, but assured its users that the hackers did non gain access to Reddit systems.
"[The attackers] were non able to modification Reddit information, together with nosotros conduct keep taken steps since the number to farther lock downwardly together with rotate all production secrets together with API keys, together with to get upward our logging together with monitoring systems," Slowe wrote.
According to Slowe, the most pregnant information contained inward the backup was describe of piece of occupation concern human relationship credentials (usernames together with their corresponding salted together with hashed passwords), electronic mail addresses together with all content including person messages.
Attacker Bypassed SMS-based Two-Factor Authentication
Reddit learned almost the information breach on June xix together with said that the aggressor compromised a few of the Reddit employees' accounts amongst its cloud together with source code hosting providers betwixt June fourteen together with June 18.
The hack was accomplished yesteryear intercepting SMS messages that were meant to grade Reddit employees amongst one-time passcodes, eventually circumventing the two-factor authentication (2FA) Reddit had inward house attacks.
The safety breach should live on a wake-up telephone phone to those who withal rely on SMS-based authentication together with believes it is secure. It's fourth dimension for y'all to movement on from this method together with switch to other non-SMS-based two-factor authentication.
Reddit is every bit good encouraging users to movement to token-based two-factor authentication, which involves your cellphone generating a unique one-time passcode over an app.
Reddit said that users tin follow a few steps mentioned on the breach proclamation page to banking concern check if their accounts were involved.
Moreover, Reddit volition reset passwords for users who may conduct keep had their login credentials stolen inward the breach, together with every bit good straight notify all affected users amongst tips on how they tin protect themselves.
