Reddit Reveals Hackers Compromised User Data, How To See If You're Affected

The reddit app listing on the Play Store

Reddit discloses ‘serious’ security breach it discovered on June 19th

Reddit said it discovered the breach the next day, on June 19.

Compromised user data includes email addresses, salted hashed passwords, and private messages.

According to the Reddit announcement about the security incident, the attacker was able to gain access to a complete backup copy of a user database dating from 2005 to 2007.

Reddit screen on a person's phone in a hand
Reddit Hacked – Attackers Steal a Complete Copy of an Old Database Backup After Compromising Employee Accounts

If you've used Reddit under the guise of anonymity to post anything you don't want linked to your public life, we recommend deleting the old content - or even your Reddit account. You can see if your account was affected by following the instructions above.

"A cybercriminal only needs to get their hands on one password to potentially gain access to private and even financial information across a number of accounts and apps".

If you suspect you were part of Reddit back in the day, or had a Reddit email digest sent to you in June of this year, consider the following.

CNN SNOWFLAKE: Acosta Whines About 'UN-AMERICAN' Treatment from Sarah Sanders
She said the president was "glad this efforts was delayed" so he can review the material. Thursday was the second day in a row Sanders has lambasted the media.

This database included usernames, salted and hashed passwords, email addresses, and all content. You can also check for emails from [email protected] between June 3 and June 17. Email digests sent between June 3 and 17 were also compromised, which contain usernames, email addresses, and info on a selection of popular subreddits you might subscribe to.

Since the Reddit data breach, the company has been working with law enforcement on an official investigation and contacting users who may have been affected by the breach. Check your PMs and/or email inbox: we will be notifying you soon if you've been affected. The hacker targeted employee accounts with the site's cloud and source code hosting providers. What's interesting about the incident is that it showcases once again why relying on mobile text messages (SMS) for two-factor authentication (2FA) can lull companies and end users into a false sense of security.

But how were hackers able to infiltrate the self-professed "Front Page of the Internet", and for how long? It's a large site with tons of topics and then tons of threads in ...

Anthony Martial hits back at Mourinho
Manchester United opens the Premier League season at Old Trafford in nine days. Sorry but my family will always come first.

"Another possibility is that the attackers exploited well-known weaknesses in the Signaling System No 7 (SS7) protocol which is at the heart of modern telephony routing or that they simply called up the victim's cellular provider and convinced them to transfer the phone number to a new SIM". Nevertheless, the swiped data is still a major concern.

Reddit reported the incident to law enforcement and is now aiding with the outside investigation.

What should you be doing?

Some methods are easier to decrypt than others, but the company is taking no chances, writing in an email to affected users that "we're messaging you because your Reddit account credentials were among the data that was accessed" and that "if there's a chance the credentials relate to your current password, we'll prompt you to reset the password on your Reddit account".

Backs re-acquire RP Ziegler before deadline
On the mound for the Dbacks was Robbie Ray, who lasted through five innings giving up four runs on two hits and striking out six. Diekman was traded on Monday after pitching against the Diamondbacks and striking out two batters in the ninth inning.

Latest News