Reddit, an online discussion forum, confirmed on Friday that a sophisticated and highly targeted phishing attack compromised its systems. Christopher Slowe, better known as KeyserSosa, the chief technology officer at Reddit, claims that the company learned about the “sophisticated” attack on its employees on February 5.
“As in most phishing campaigns, the attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behavior of our intranet gateway, in an attempt to steal credentials and second-factor tokens,” Slowe said.
“We show no indications of a breach of our primary production systems (the parts of our stack that run Reddit and store the majority of our data),” said the CTO.
The attacker was able to gain access to some internal documents, code, dashboards, and business systems after successfully obtaining the credentials of one employee. The exposure included little information about the advertiser and little information about the company’s (currently hundreds of) contacts and employees.
“We have no evidence to suggest that any of your non-public data has been accessed, or that Reddit’s information has been published or distributed online,” Slowe wrote in a post.
The company is working with its employees to improve their security skills as it continues to closely investigate and monitor the situation.
“The most important (and simple) measure you can take is to set up 2FA (two-factor authentication) which adds an extra layer of security when you access your Reddit account,” said Reddit.