User data and private messages exposed in Reddit breach
Reddit, one of the world’s most popular websites and the self-proclaimed “front page of the internet,” was hacked in June, exposing some user data, internal logs, source code and other files, according to a post published to the platform Wednesday. Chief Technology Officer Christopher Slowe wrote on Reddit’s front page that an attacker compromised the accounts of several employees between June 14 and June 18 using an SMS intercept. The technique involves intercepting the two-factor authentication code that a website or app texts to a user when that person is logging on. “Already having our primary access points for code and infrastructure behind strong authentication requiring two factor authentication (2FA), we learned that SMS-based authentication is not nearly as secure as we would hope,” read the post from Slowe, who goes by the username u/KeyserSosa. “We point this out to encourage everyone here to move to token-based 2FA.” With SMS codes and passwords […]
The post User data and private messages exposed in Reddit breach appeared first on Cyberscoop.
Continue reading User data and private messages exposed in Reddit breach