Reddit was just hacked–here’s what you need to do right now
Reddit announced today that its systems had been hacked at some point earlier this summer.
In a post on its r/announcements section, the company said that sometime between June 14 and June 18 an attacker “broke into a few of Reddit’s systems and managed to access some user data, including some current email addresses and a 2007 database backup containing old salted and hashed passwords.” The hacker was able to bypass SMS-based authentication, which is a common safeguard used to protect against external intrusion. But, as Reddit writes, this text-based form of two-step authentication is “not nearly as secure as we would hope.”
The attacker was able to access very early Reddit user data–including everything from the year 2007 and before. This means email addresses, user names, and salted and hashed passwords were likely accessed. Not only that but email digests sent in June 2018 were also accessed.
Here’s what you need to know:
Overall, this is a good reminder that attackers can even overcome widely accepted security defenses. You may want to rethink using SMS-based authentication and use an authenticator app for two-factor.
To learn more about the attack, as well as what else you can do to protect your Reddit account, you can read the post here.
(23)