Reddit suffers security breach

Popular social platform Reddit suffered a security incident in which unauthorized access was gained to internal documents, code, and some business systems. The attack was a result of a "sophisticated and highly-targeted phishing attack" on February 5, 2023, that targeted Reddit employees. The phishing attempt involved sending plausible-looking prompts that redirected to a website masquerading as Reddit's intranet portal to steal credentials and 2FA tokens. Although a single employee's credentials were phished, Reddit says there is no evidence that its production systems were breached or that users' non-public data was compromised. The company did reveal that limited contact information for hundreds of employees and advertisers was exposed.