Reddit, the self-proclaimed “front page of the internet,” has been hacked — with all user data from as far back as 2007 left vulnerable.
According to an official announcement from Reddit, the content aggregation site was hacked this week, with user data dating back as far as 2007 possibly accessed by hackers. The announcement post from Reddit administrators gives the short version of what happened:
A hacker broke into a few of Reddit’s systems and managed to access some user data, including some current email addresses and a 2007 database backup containing old salted and hashed passwords. Since then we’ve been conducting a painstaking investigation to figure out just what was accessed, and to improve our systems and processes to prevent this from happening again.
The hack reportedly took place between June 14 and June 18, after hackers compromised Reddit employees' accounts with the company's cloud and source code hosting services. Reddit admins claim that the hackers gained read-only access to the systems but did have access to backup data, source code, and other logs.
The Reddit announcement outlined what information was involved in the hack, stating:
- All Reddit data from 2007 and before including account credentials and email addresses
  - What was accessed: A complete copy of an old database backup containing very early Reddit user data — from the site’s launch in 2005 through May 2007. In Reddit’s first years it had many fewer features, so the most significant data contained in this backup are account credentials (username + salted hashed passwords), email addresses, and all content (mostly public, but also private messages) from way back then.
  - How to tell if your information was included: We are sending a message to affected users and resetting passwords on accounts where the credentials might still be valid. If you signed up for Reddit after 2007, you’re clear here. Check your PMs and/or email inbox: we will be notifying you soon if you’ve been affected.
- Email digests sent by Reddit in June 2018
  - What was accessed: Logs containing the email digests we sent between June 3 and June 17, 2018. The logs contain the digest emails themselves — they look like this. The digests connect a username to the associated email address and contain suggested posts from select popular and safe-for-work subreddits you subscribe to.
  - How to tell if your information was included: If you don’t have an email address associated with your account or your “email digests” user preference was unchecked during that period, you’re not affected. Otherwise, search your email inbox for emails from [firstname.lastname@example.org](mailto:email@example.com) between June 3-17, 2018.
The company also noted its response so far, which includes:
- Reported the issue to law enforcement and are cooperating with their investigation.
- Are messaging user accounts if there’s a chance the credentials taken reflect the account’s current password.
- Took measures to guarantee that additional points of privileged access to Reddit’s systems are more secure (e.g., enhanced logging, more encryption and requiring token-based 2FA to gain entry since we suspect weaknesses inherent to SMS-based 2FA to be the root cause of this incident.)
The site has suggested that users change their passwords and enable 2-factor authentication to keep their accounts from being accessed.
The motive for hacking Reddit is currently unknown, but the site has a reputation for engaging in censorious behavior. With an average monthly user visit count of 234 million, and many of those visitors holding accounts on the site, Reddit is a prime target for hackers who could find this information valuable.