Reddit reports that its website was hacked and has accessed an old database of all registered users until 2007, implying that only the very old accounts were exposed to unscrupulous hackers.
Reddit was hacked and important user data was accessed.
Reddit was hacked and important user data was accessed by users who had already registered for some time. For this reason, the Reddit team recommends that all its users perform two-factor authentication (2FA) if hackers attempt to use the credentials.
On June 19, Reddit employees learned that a hacker compromised employee accounts between June 14 and 18 using the cloud and source code hosting providers. The main access points for the code and infrastructure are behind 2FA authentication, but SMS-based authentication was not secure enough.
All data for 2007 and previous years, including account information and email addresses, have been compromised.
Access: A complete copy of an old backup of the database with the data of Reddit users from the start of the website in 2005 to May 2007; in the first years of Reddit it had much fewer features, so the most important data in this backup are the access data (username + passwords), email addresses and all content (mostly public, but also private messages).
How you know if your data has been compromised: We send a message to affected users and reset passwords to accounts where the credentials are still valid. Check your PMs and/or your email inbox: We will notify you shortly if they are affected.
If you are in Reddit and your account is relatively new, don’t worry, but it never hurts to be warned and change your login password to a new one.