"Reddit Admits Security Breach"
A sophisticated and highly targeted phishing attack compromised the systems of the popular social media website Reddit. According to the company, the malicious actors behind the attack gained access to internal documents, code, and business systems. Reddit revealed that the hackers used a landing page imitating the company's intranet site to target its employees. This website attempts to steal Reddit employees' two-factor authentication (2FA) tokens and credentials. After a single employee fell victim to the attack, the threat actor was able to get access to Reddit's internal systems. When the employee reported the incident to the security team, the organization became aware of the compromise. Reddit acknowledged that the stolen data contained some information on the company's advertisers. However, the company noted that passwords and credit card information were not accessed by the threat actors. This article continues to discuss the security breach experienced by Reddit.