ibusinesslines.com October 22, 2018

Reddit’s serious "security incident" - what you need to know

03 August 2018, 09:10 | Jodi Jackson

Reddit’s serious "security incident" - what you need to know

Reddit’s serious

Reddit has suffered a "security incident" in the form of a sophisticated hack that has exposed the personal data of some users. Here's what steps it says users should take: "If your account credentials were affected and there's a chance the credentials relate to the password you're now using on Reddit, we'll make you reset your Reddit account password".

The firm said it discovered the breach on June 19, with the attack having taken place during the four previous days.

Reddit encourages users to change their passwords if they are similar to those they had in 2007 and to enable token-based two-factor authentication as the hackers reached its systems through SMS intercept.

The backup file contained usernames, hashed and salted passwords, email addresses, all public content and private messages from 2005 through to May 2007.

"From phishing scams and dictionary attacks - where fraudsters try certain common passwords based on the user's information - to synthetic identities, as little as an email address can go a long way in the hands of a bad actor".

Are messaging user accounts if there's a chance the credentials taken reflect the account's current password. The digests connect a username to the associated email address and contain suggested posts from select popular and safe-for-work subreddits you subscribe to.

When asked by the BBC, a spokesperson for Reddit refused to share any estimate for how many users may be affected.

Reddit employees use something called two-factor authentication on their accounts.

Reddit says it plans to notify all affected users and is encouraging users to reset passwords for accounts that might still be using decade-old passwords. Even the SMS-based authentication is better than simply protecting your account with a password. These users are not being directly informed by the company.

The company has already reported what happened to law enforcement and is cooperating with an investigation.

"Given today's security climate, all online companies should use the forms of multi-factor authentication that are appropriate for the data assets being accessed as well as using encryption and key management to secure sensitive data".

"A cybercriminal only needs to get their hands on one password to potentially gain access to private and even financial information across a number of accounts and apps".

So, what do you think about this? If you meet the criteria mentioned in the full breakdown, you should probably change your Reddit password - and you should probably look into two-factor authentication, either way.

Other News

Trending Now

Trump to Sessions: end Russian Federation probe 'right now'
Al Capone, the infamous gangster, was convicted of tax evasion and served most of the 1930s in prison before being paroled. Democrats skeptical of the Trump-led effort to protect the elections said they were glad there was a focus on it now.

Indian interest rate hike unlikely to affect NRIs
Analysts at Rabobank explained, that as widely expected, the Bank of England MPC raised the Bank rate to 0.75% from 0.50%. Over the last two bi-monthly MPC review meetings; there has been a total of 50 bps increase in the repo rate.

Bradley Wiggins: Geraint Thomas may now be Wales’ biggest sports star
Fair play, he's one of the strongest guys I know, mentally". And we have young guys coming through too". I'm floating around on cloud nine.

Alex Jones to ask for dismissal of Sandy Hook defamation lawsuit
In addition to asking for the cases to be dismissed, Jones also wants Pozner's family to pay him more than $100,000 in court fees. The parents have said Jones has engaged in a campaign of "false, cruel, and risky assertions", court filings showed.

Why gaming is a serious business for Sony
This morning, Sony announced the newest games PlayStation Plus subscribers will get to download for free the month of August. Annual results are now expected to reach JPY 2.135 trillion in sales and JPY 250 billion in profit.

Murray commits to China Open in October
Got to be careful what you say around these parts nowadays though #freespeech #fakenews", wrote Murray in his comment. Murray had surgery on his right hip in January, only returning to action on June 18, facing Nick Kyrgios at Queen's.

Trump Administration Rolls Back Fuel Economy Standards For Cars
Reforming Corporate Average Fuel Economy (CAFE) standards is a huge tax cut for American auto buyers, up to a $7,200 per vehicle. The administration's announcement that it will relax future fuel economy (CAFE) standards is good news for consumers.