Reddit suffers major ‘security breach’ and hacker gained access to Reddit’s internal systems, despite SMS Two-Factor Authentication on employee accounts.

Alex Robu — Fri, 03 Aug 2018 01:59:23 +0000

Reddit suffers major ‘security breach’ and hacker gained access to Reddit’s internal systems, despite SMS Two-Factor Authentication on employee accounts. Reddit discovered on 19 June 2018 that emails, encrypted passwords, private messages, public posts of some of the registered users and a backup of and old 2007 database was stolen by hacker who targeted employees accounts. Attackers were able to by pass two-factor authentication (2FA).

According the social media giant the hacker(s) gained read-only access to some of it’s systems that included source code, internal logs, users backup data and other files.

Reddit CTO Christopher Slowe admitted:

“Although this was a serious attack, the attacker did not gain write access to Reddit systems; they gained read-only access to some systems that contained backup data, source code, and other logs,”

The company is working with law enforcement authorities and has informed affected users. Mr Slowe advised users not to rely on SMS-based 2FA and use token-based 2FA. He also revealed that the head of security joined Reddit 2,5 months ago.

Not the 1s time for Reddit

Back in 2016, Reddit reset password for 100,000 users as they found out that the malicious third parties had account takeover (ATOs)

The post Reddit suffers major ‘security breach’ and hacker gained access to Reddit’s internal systems, despite SMS Two-Factor Authentication on employee accounts. appeared first on Hack Ware News.

reddit Archives - Hack Ware News

Reddit suffers major ‘security breach’ and hacker gained access to Reddit’s internal systems, despite SMS Two-Factor Authentication on employee accounts.