Based on Reddit, all firm information from the positioning’s launch in 2005 to 2007, together with account credentials and e-mail addresses, was accessed, seemingly by intercepting Reddit’s SMS-based authentication system. Reddit mentioned that each one public messages from this time interval had been grabbed, in addition to some non-public conversations. In the event you had been among the many members affected, you may get a message from Reddit and the corporate will reset your password on still-valid accounts. Additional, the hacker was in a position to entry the logs containing e-mail digests Reddit despatched out between June third and June 17th of this yr. You had been solely affected in case you acquired an e-mail from [email protected] between these dates.
Reddit has reported the incident to legislation enforcement, who started an investigation into the matter. Along with messaging affected customers, the corporate has taken measures to guarantee its methods are safer, together with requiring token-based two-factor authentication (2FA) for entry to delicate methods. Whether or not you had been straight affected or not, Reddit urges members to reset their password to one thing distinctive and powerful, and to allow 2FA by way of an authenticator app.