---
title: "Threat Actors Breach Reddit and Access Internal Documents, Code, and Business Systems | Phish Protection"
description: "Threat actors managed to infiltrate the popular social media platform Reddit and access internal documents, code, and some internal business systems."
image: "https://phishprotection.com/og/blog/threat-actors-breach-reddit-and-access-internal-documents-code-and-business-systems.png"
canonical: "https://phishprotection.com/blog/threat-actors-breach-reddit-and-access-internal-documents-code-and-business-systems/"
---

Quick Answer

\[Threat actors\](/phishing-awareness/threat-actors-using-phishing-as-a-service-phaas) managed to infiltrate the popular social media platform Reddit and access \*\*internal documents, code\*\*, and some internal business systems, highlighting the need for individuals and organizations to take robust measures to

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthreat-actors-breach-reddit-and-access-internal-documents-code-and-business-systems%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Threat%20Actors%20Breach%20Reddit%20and%20Access%20Internal%20Documents%2C%20Code%2C%20and%20Business%20Systems&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthreat-actors-breach-reddit-and-access-internal-documents-code-and-business-systems%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthreat-actors-breach-reddit-and-access-internal-documents-code-and-business-systems%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthreat-actors-breach-reddit-and-access-internal-documents-code-and-business-systems%2F&title=Threat%20Actors%20Breach%20Reddit%20and%20Access%20Internal%20Documents%2C%20Code%2C%20and%20Business%20Systems "Share on Reddit") [ ](mailto:?subject=Threat%20Actors%20Breach%20Reddit%20and%20Access%20Internal%20Documents%2C%20Code%2C%20and%20Business%20Systems&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fthreat-actors-breach-reddit-and-access-internal-documents-code-and-business-systems%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2023/02/spear-phishing-protection-6489.jpg) 

[Threat actors](/phishing-awareness/threat-actors-using-phishing-as-a-service-phaas) managed to infiltrate the popular social media platform Reddit and access **internal documents, code**, and some internal business systems, highlighting the need for individuals and organizations to take robust measures to safeguard their information . This text shares the details of the attack, what information was accessed, what Reddit is doing, and how to stay protected.

Cybercrime is a growing storm in the world of technology, and it’s hitting us harder each day. With the world becoming more connected, [data breaches](/phishing/data-breaches-how-they-impact-small-businesses) are becoming the new normal and making headlines with **alarming frequency**. These incidents are a harsh reality check of the importance of taking proactive measures to secure all systems and sensitive information.

The latest case in point is the [Reddit data breach](https://www.bleepingcomputer.com/news/security/hackers-breach-reddit-to-steal-source-code-and-internal-data/), where a threat actor successfully infiltrated the platform using [phishing](/resources/what-is-phishing) as the entry point. This breach has made waves and raised concerns about the safety of one of the world’s most widely used social media platforms. In light of this, we aim to provide a **comprehensive report** on the situation. From the details of the attack to Reddit’s efforts in keeping its users secure and the steps you can **take to protect yourself**, we’ve got you covered.

![Spear phishing protection](https://media.mailhop.org/phishprotection/images/2023/02/spear-phishing-protection-6489.jpg) 

### Reddit Data Breach at a Glance

On the evening of 5 February 2023 , Pacific Standard Time, Reddit[discovered](https://www.reddit.com/r/reddit/comments/10y427y/we%5Fhad%5Fa%5Fsecurity%5Fincident%5Fheres%5Fwhat%5Fwe%5Fknow/)a highly sophisticated phishing attack that targeted its employees.

As is typical in such campaigns, the threat actor sent out persuasive prompts that directed employees to a phishing website that **replicated the appearance** and behavior of Reddit’s internal network gateway, intending to steal login credentials and secondary authentication tokens of its employees to gain internal network access.

After successfully obtaining an employee’s credentials, the threat actor gained access to\_ internal documents, code, and some internal dashboards and business systems\_. Reddit has found no evidence of any intrusion into its **primary production systems**, which are the core components of its platform that run Reddit and store the **majority of its data**.

However, the exposure involved limited contact information for hundreds of current and former employees, administrative contacts, and **little advertiser information**. When it comes to minor data breaches, Reddit is not a newcomer. About five years ago, the platform[publicly disclosed](https://www.reddit.com/r/announcements/comments/93qnm5/we%5Fhad%5Fa%5Fsecurity%5Fincident%5Fheres%5Fwhat%5Fyou%5Fneed%5Fto/)a similar hacking incident through a post with a similar headline where the threat actors got into Reddit systems and accessed critical user information .

> 

It is commendable that Reddit is being transparent and honest with its users regarding this current breach. However, the statement “we don’t think any of your data was stolen” tends to be used before a more significant breach is discovered. At this point, no indications suggest such an outcome, but it is vital to continue monitoring the situation.

### Details of the Previous Reddit Data Breach

> “When I talk to prospects about phishing protection, I don’t lead with features - I lead with math. A single successful BEC attack costs $125,000 on average. Phish Protection for a 50-person company costs $49 a month. The ROI calculation writes itself. You’re not buying software, you’re buying insurance that actually works.” - **Dan Calkin**, VP of Sales, DuoCircle

On 19 June 2018 , it was discovered that a threat actor had compromised a portion of Reddit’s employee accounts through their cloud and source code hosting providers between 14 June and 18 June. The threat actor could only gain **read-only access** to specific systems containing _backup data, source code, and logs_ and could not alter Reddit’s information.

In response, Reddit took measures to fortify its security protocols, including tightening access to all production secrets and [API (Application Programming Interface)](https://www.mulesoft.com/resources/api/what-is-an-api) keys and enhancing its\*\* logging and monitoring systems\*\*.

### What Did Reddit Respond to the Attack?

Reddit’s security, engineering, and **data science teams** and outside experts have conducted a thorough investigation over several days. Reddit has found no evidence to suggest that any user’s private data was accessed or that Reddit’s information was **published or shared publicly**.

Soon after falling victim to the [phishing attack](/resources/7-most-common-phishing-attacks-and-learning-to-protect-against-them), the impacted employee self-reported the incident, and Reddit’s security team reacted swiftly by revoking the threat actor’s access and launching an **internal investigation**. Reports of similar phishing attacks have been circulating recently. Reddit continues to closely monitor the situation and investigate the matter while working with its employees to improve their **security awareness**. As we all know, human error can often be the weakest link in [security protocols](https://www.geeksforgeeks.org/types-of-internet-security-protocols/).

Reddit stated that it aims to understand and **prevent future incidents** of this nature thoroughly, and the security update was shared to provide any additional information as it becomes available. So far, many of the lessons learned by Reddit five years ago continue to be relevant.

### Reddit’s Recommendations to its Users

Reddit reported on the urgency and severity of the breach and reminded its users how to protect their Reddit accounts.

The simplest and most effective measure users must take is to utilize 2FA (Two-Factor Authentication), which adds a layer of security when accessing Reddit accounts. For instructions on[enabling 2FA](https://reddithelp.com/hc/en-us/articles/360043470031-What-is-two-factor-authentication-and-how-do-I-set-it-up-), you can refer to Reddit’s help center.

Additionally, Reddit asked its users to **update their passwords** every few months to ensure that it is solid and unique for maximum protection and to use a [password manager](https://www.doherty.co.uk/blog/the-benefits-of-a-password-manager/). Password managers not only **generate complex passwords** but also provide an extra layer of security by warning users before using the password on a phishing site, as the domains do not match.

### What Can You Do to Protect Your Reddit Accounts and Information\*\*?\*\*

Following a data breach at an organization, users must take steps to protect their accounts and information. Here are some recommended actions:

- **Change Passwords:**Change the password for the affected account and any other accounts that use the same password. Use a solid and unique password , and consider using a password manager to generate and store secure passwords.
- **Enable 2FA:**2FA adds an extra layer of security to your accounts by mandating an additional form of authentication beyond just a password. You can use 2FA to send a code to your phone or an authentication app, use additional PINs, or **add security questions**.
- **Monitor Accounts:**Regularly check your accounts for unauthorized activity or changes, such as _checking bank statements, credit reports, and other financial accounts._
- **Be Cautious of Phishing Scams:**Be wary of emails or messages that ask for personal information, even if they appear to be from a trusted source. It is best never to click on links or download attachments from suspicious or unsolicited emails .
- **Keep Software up to date:**Regularly update your software, including your operating system, browser, and other applications, to ensure that any [security vulnerabilities](https://snyk.io/learn/security-vulnerability-exploits-threats/) are patched.
- **Educate Yourself:**Stay informed about [cybersecurity](/content/cybersecurity-in-a-nutshell) best practices and the latest threats, and educate yourself and others on recognizing and preventing attacks. It would be best to add **excellent anti-virus software** to your devices for the best [phishing protection](/) against cyber threats.
![Prevent spear phishing](https://media.mailhop.org/phishprotection/images/2023/02/prevent-spear-phishing-5689.jpg) 

### Final Words

Cyberattacks are a growing threat in the digital world, and the recent **Reddit phishing attack** and breach are just the tip of the iceberg. But just because they’re becoming more common doesn’t mean we should ignore their severity.

The Reddit breach shines a spotlight on the cunning tactics of cyber criminals and their **ever-growing reach**. It’s a wake-up call for organizations to take cybersecurity seriously and take proactive measures to stay protected. So, what can we do about it? Stay informed and two steps ahead [cybercriminals](/blog/cybercriminals-are-duping-millions-of-accounts-in-the-latest-facebook-phishing-campaign/) by keeping up with the latest **advancements and news** in the field. Doing so can reduce our risk of falling victim to cybercrime and ensure a\*\* secure future in the digital age\*\*.

## Topics

[ Phishing Awareness ](/tags/phishing-awareness/)[ Cybersecurity ](/tags/cybersecurity/)[ Phishing ](/tags/phishing/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 23m  Anatomy of a Trust-Based Attack: Deconstructing the Nifty.com Phishing Campaign and the New Frontier of Corporate Defense  Jun 10, 2025 ](/blog/anatomy-of-a-trust-based-attack-deconstructing-the-nifty-com-phishing-campaign-and-the-new-frontier-of-corporate-defense/)[  Foundational 5m  Business Essentials: The Top Email Marketing Security Strategies for 2023  Dec 13, 2022 ](/blog/business-essentials-top-email-marketing-security-strategies-2023/)[  Foundational 5m  Interserve Fined $5 Million by ICO and Why Anti-Phishing Measures are the Need of the Hour  Oct 28, 2022 ](/blog/interserve-fined-5-million-ico-anti-phishing-measures-hour/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Threat Actors Breach Reddit and Access Internal Documents, Code, and Business Systems","description":"Threat actors managed to infiltrate the popular social media platform Reddit and access internal documents, code, and some internal business systems.","url":"https://phishprotection.com/blog/threat-actors-breach-reddit-and-access-internal-documents-code-and-business-systems/","datePublished":"2023-02-21T08:14:03.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2023-02-21T08:14:03.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/threat-actors-breach-reddit-and-access-internal-documents-code-and-business-systems/"},"articleSection":"foundational","keywords":"Phishing Awareness, Cybersecurity, Phishing","wordCount":1242,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2023/02/spear-phishing-protection-6489.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"Threat Actors Breach Reddit and Access Internal Documents, Code, and Business Systems","item":"https://phishprotection.com/blog/threat-actors-breach-reddit-and-access-internal-documents-code-and-business-systems/"}]}
```