On August 1st Reddit informed users their system was breached and user data all the way back to 2005 was accessed. Despite having two-factor authentication, hackers managed to compromise account credentials, email addresses, and private messages. So pretty much if you’ve ever used Reddit you could be at risk. The hackers accessed Reddit employee accounts by intercepting a SMS-two factor authentication system. Read on to learn how Reddit users are affected.
Who is affected?
Hackers accessed early user accounts from 2005 – May 2007, created before Reddit established a robust security system. Email addresses, passwords, plus public and private messages from this time were stolen. Reddit has been sending information to those affected early platform users. But make sure to watch out for phishing emails that often follow these breaches!
Users who received these email digests between June 3-17th of this year had their usernames and email breached. If you don’t have an email address tethered to your user account, or if you opted out of email digests then you’re probably not affected as far as we know now.
When did this happen?
The breach took place between June 14-18th. Reddit reported the issue to law enforcement, informed affected users, and are securing their internal pathways and employee accounts. Unlike other tech companies, Reddit learnt from the range of recent breaches and got in front of this error.
What should you do?
- Check your inbox for emails from email@example.com if you’re unsure whether you are a Reddit user who receives email digests.
- Update your passwords. Dashlane is the best tool for this because it generates new, complex passwords and remembers them for you. Try it for free here.
- Run a FixMeStick scan. Breaches like this happen all the time and you may not hear about them, be safe with FixMeStick.
Subscribe to our newsletter here to keep up with the latest malware threats.