Reddit acknowledges that on February 5 of last year, a hacker obtained access to its internal files.
The “highly-targeted phishing attack,” as the business refers to it in a report, was carried out by a hacker who convinced one employee to click a prompt pretending to be an intranet gateway to the company’s system.
Despite the phishing attack, user passwords and accounts on Reddit are secure. The detectives learned that a hacker carried out a phishing assault on Sunday, February 5, as one of the Reddit staff members posted on the r/reddit community.
One or more of the company’s employees were the target of the sophisticated phishing campaign. Although the investigation determined that no accounts or passwords were compromised, the unidentified person was able to access the company’s internal documents and codes.
How the Hacker Got Into the System at Reddit
The unidentified hacker used “plausible-sounding” prompts to reach a corporate employee in order to access Reddit’s system without physically breaching the gateway.
When this prompt is clicked, a website that resembles the intranet gateway will be displayed. The platform’s personnel and Redditors will be the best people to ask for credentials and tokens over this channel.
According to the reports, there is no proof that private user or employee information has been accessed online. Reddit adds that there isn’t any conclusive proof that the private information is shared with other websites.
Reddit’s cybersecurity team swiftly blocked the hacker’s access after the unanticipated data breach occurred on the platform.
Reddit data breaches are nothing new these days. The report claims that a thread discussing a different phishing attempt from five years ago also exists.
According to the claim, a hacker at that time carried out the same action. Reddit reports that no data was stolen in the course of the incident. As of now, the company’s actions are beneficial to both its users and staff.
By being open and honest about the data breach, everyone will be aware of the specifics of the incident. They will also learn about the approach Reddit came up with to deal with the platform’s security issues.
Business Insider reported that some users caused ChatGPT to break its own rules in another Reddit thread.
They can direct ChatGPT to respond to inquiries regarding “illegal activities” and other contentious topics by establishing DAN as the AI app’s alter ego.
The original poster, SessionGloomy, claimed that DAN was designed to be a superior alternative to ChatGPT. He did this in order to learn how it responds to conversations with “ethical considerations.”