Reddit suffered a cyberattack Sunday evening, allowing hackers to access internal business systems and steal internal documents and source code.
The company says the hackers used a phishing lure targeting Reddit employees with a landing page impersonating its intranet site. This site attempted to steal employees’ credentials and two-factor authentication tokens.
After one employee fell victim to the phishing attack, the threat actor was able to breach internal Reddit systems to steal data and source code.
“After successfully obtaining a single employee’s credentials, the attacker gained access to some internal docs, code, as well as some internal dashboards and business systems,” explains Reddit in their security incident notice.
“We show no indications of breach of our primary production systems (the parts of our stack that run Reddit and store the majority of our data).”
Reddit says they learned of the breach after the employee self-reported the incident to the company’s security team.
After investigating the incident, Reddit says the stolen data includes limited contact information for company contacts and current and former employees.
The data also included some details about the company’s advertisers but credit card information, passwords, and ad performance was not accessed.
