Hackers Accessed Reddit's Business Systems, Stole Documents and Source Code
Feds say DPRK hackers ransom hospitals to fuel cyberattacks on US and S. Korea, New threat actor uses screenshots to gauge target worthiness, 1Password will offer plan that ditches password, much more
Metacurity is a reader-supported publication. To continue providing readers with what they tell me is the best infosec daily newsletter they read, I need your help. To support my work, consider becoming a paid subscriber.
Reddit suffered a cyberattack allowing hackers to access internal business systems and steal internal documents and source code.
The company says it discovered on February 5 that hackers used a phishing lure targeting Reddit employees with a landing page impersonating its intranet site, which attempted to steal employees' credentials and two-factor authentication tokens.
"After successfully obtaining a single employee's credentials, the attacker gained access to some internal docs, code, as well as some internal dashboards and business systems," Reddit said. "We show no indications of breach of our primary production systems (the parts of our stack that run Reddit and store the majority of our data)."
Reddit says the stolen data includes…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.