Reddit hacked: Internal data accessed after phishing attack

Reddit said no high-risk data was accessed in the attack

Reddit said a hacker had gained access to some internal documents and business information last weekend. 

The website announced in an update on Friday that its team became aware of a sophisticated phishing campaign targeting employees on Feb. 5. After obtaining one employee's credentials, the attacker gained access to some of Reddit's internal systems. 

The information that was accessed may have included limited Reddit code, limited contact information for a small number of company contacts and both current and former employees, as well as limited advertiser information. 

LASTPASS HACK: CYBERSECURITY EXPERTS SOUND THE ALARM OVER DATA BREACHES

A person holds a phone with the Reddit logo

KRAKOW, POLAND - 2019/01/01: In this photo illustration, the Reddit logo is seen displayed on an Android mobile phone.  ((Photo Illustration by Omar Marques/SOPA Images/LightRocket via Getty Images) / Getty Images)

Reddit said that no high-risk data was accessed, including credit card details, company financial information, account passwords, or campaign strategy or performance.

Production systems, including the Reddit Ads platform, were not impacted and continue to operate as normal. 

The Reddit app

BRAZIL - 2021/02/01: In this photo illustration the Reddit logo seen displayed on a smartphone screen.  ((Photo Illustration by Rafael Henrique/SOPA Images/LightRocket via Getty Images) / Getty Images)

GET FOX BUSINESS ON THE GO BY CLICKING HERE

"Based on our investigation thus far, we have no evidence to suggest that any Reddit information has been published or distributed online," Reddit said.

The Reddit logo on a phone

Reddit logo displayed on a phone screen and a laptop are seen in this illustration photo taken in Krakow, Poland, on November 27, 2022.  ((Photo by Jakub Porzycki/NurPhoto via Getty Images) / Getty Images)

Reddit said the employee had self-reported, and its security team quickly responded to remove the infiltrator's access, notify law enforcement and initiate and internal investigation. 

CLICK HERE TO READ MORE ON FOX BUSINESS 

"Similar phishing attacks have been recently reported and are being investigated by law enforcement. We’re continuing to investigate the situation internally and working to fortify our security posture against these types of attacks," it said.