August 2018

Reddit reports breach! - Here is some information on who is affected...

Reddit, the popular discussion website, has announced that it was breached. In a post published on its site, Reddit confirms that an attacker got into a few of its systems and obtained read-only access to some user data, including a 2007 database backup.

A short description from their post:
"A hacker broke into a few of Reddit’s systems and managed to access some user data, including some current email addresses and a 2007 database backup containing old salted and hashed passwords. Since then we’ve been conducting a painstaking investigation to figure out just what was accessed, and to improve our systems and processes to prevent this from happening again".


What happened?
"On June 19, we learned that between June 14 and June 18, an attacker compromised a few of our employees’ accounts with our cloud and source code hosting providers. Already having our primary access points for code and infrastructure behind strong authentication requiring two factor authentication (2FA), we learned that SMS-based authentication is not nearly as secure as we would hope, and the main attack was via SMS intercept. We point this out to encourage everyone here to move to token-based 2FA.
Although this was a serious attack, the attacker did not gain write access to Reddit systems; they gained read-only access to some systems that contained backup data, source code and other logs. They were not able to alter Reddit information, and we have taken steps since the event to further lock down and rotate all production secrets and API keys, and to enhance our logging and monitoring systems."
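The "token-based 2FA" Reddit recommends in place of SMS is, in practice, the time-based one-time password (TOTP, RFC 6238) that authenticator apps generate: the shared secret is provisioned once (usually as a base32 string in a QR code) and codes are derived from it locally, so nothing crosses the phone network for a SIM swap or SMS interception to capture. The following is an added illustration, not code from Reddit's post or from any Reddit repository. It computes HOTP/TOTP and performs the server-side check with a clock-drift window and a replay guard; `RFC_SECRET` is the public RFC 6238 test-vector key, and `SECRET_B32` is a constructed sample secret in the form an authenticator app accepts.

```python
"""TOTP (RFC 6238) on top of HOTP (RFC 4226): what an authenticator app computes.

Added illustration, not code from Reddit's post. RFC_SECRET is the RFC 6238
test-vector key; SECRET_B32 is a constructed sample in the base32 form that
authenticator apps are provisioned with.
"""
import base64
import hashlib
import hmac
import struct
import time
from typing import Optional

# RFC 6238 reference secret (ASCII "12345678901234567890"), used by its test vectors.
RFC_SECRET = b"12345678901234567890"
# Constructed sample: the base32 secret an authenticator app would be given.
SECRET_B32 = "JBSWY3DPEHPK3PXP"


def secret_from_base32(encoded: str) -> bytes:
    """Decode a provisioning secret; apps usually omit '=' padding and mix case."""
    cleaned = encoded.strip().replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    return base64.b32decode(cleaned)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, for_time: Optional[int] = None, step: int = 30, digits: int = 6) -> str:
    """RFC 6238: HOTP with counter = floor(unix_time / step)."""
    if for_time is None:
        for_time = int(time.time())
    return hotp(secret, for_time // step, digits)


def verify_totp(secret: bytes, candidate: str, for_time: Optional[int] = None,
                window: int = 1, step: int = 30, digits: int = 6,
                last_used_step: Optional[int] = None) -> Optional[int]:
    """Server-side check. Returns the time step the code matched, or None.

    Accepts +/- `window` steps of clock drift, compares in constant time, and
    refuses any step at or before `last_used_step`, so a code captured in
    transit cannot be replayed inside its validity window (the caller persists
    the returned step as the new last_used_step).
    """
    candidate = candidate.strip().replace(" ", "")
    if len(candidate) != digits or not (candidate.isascii() and candidate.isdigit()):
        return None
    if for_time is None:
        for_time = int(time.time())
    now_step = for_time // step
    for delta in range(-window, window + 1):
        candidate_step = now_step + delta
        if last_used_step is not None and candidate_step <= last_used_step:
            continue
        if hmac.compare_digest(hotp(secret, candidate_step, digits), candidate):
            return candidate_step
    return None


if __name__ == "__main__":
    # RFC 6238 test vector: T=59 with 8 digits gives 94287082.
    print(totp(RFC_SECRET, for_time=59, digits=8))
    print("current code for the sample app secret:", totp(secret_from_base32(SECRET_B32)))
```

The check that matters operationally is `verify_totp`: without the `last_used_step` guard a phished or shoulder-surfed code stays valid for up to `(2 * window + 1) * step` seconds, and without `hmac.compare_digest` the string comparison leaks timing. Neither protects against a real-time phishing proxy, which is why hardware tokens (FIDO2/U2F) are stronger still; TOTP simply removes the carrier from the trust chain.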
So, are you affected?

Possibly. Reddit says that users who had accounts around 2007, the date of the leaked database backup, are the most affected as far as credentials go; since the investigation is still ongoing, it has yet to confirm exactly who is affected.

  • What was accessed: Logs containing the email digests we sent between June 3 and June 17, 2018. The logs contain the digest emails themselves -- they look like this. The digests connect a username to the associated email address and contain suggested posts from select popular and safe-for-work subreddits you subscribe to.
  • How to tell if your information was included: If you don’t have an email address associated with your account or your “email digests” user preference was unchecked during that period, you’re not affected. Otherwise, search your email inbox for emails from noreply@redditmail.com between June 3-17, 2018.

Whether or not you are sure you are affected, it is recommended that you change your passwords, at least on any other sites where you reused your Reddit password.

Since the investigation is still in progress, Reddit says it will notify affected users by email as they are identified.

What can you do?
"First, check whether your data was included in either of the categories called out above by following the instructions there.

If your account credentials were affected and there’s a chance the credentials relate to the password you’re currently using on Reddit, we’ll make you reset your Reddit account password. Whether or not Reddit prompts you to change your password, think about whether you still use the password you used on Reddit 11 years ago on any other sites today.
If your email address was affected, think about whether there’s anything on your Reddit account that you wouldn’t want associated back to that address. You can find instructions on how to remove information from your account on this help page.
And, as in all things, a strong unique password and enabling 2FA (which we only provide via an authenticator app, not SMS) is recommended for all users, and be alert for potential phishing or scams".

Source: Reddit

This post was last updated on Aug 2,2018 (6.30 PM IST)