Reddit says that it was hacked earlier this month, in a safety incident that compromised some firm knowledge. Nevertheless, the corporate says that Redditors don’t have any must worry as a result of person knowledge was not impacted by the episode—not less than, that the corporate is aware of of…“thus far.”

In a thread posted to the official r/reddit neighborhood on Thursday, an organization rep defined {that a} phishing assault had taken place on the night of Feb. 5. “Based mostly on our investigation thus far, Reddit person passwords and accounts are secure, however on Sunday night time (pacific time), Reddit techniques have been hacked because of a complicated and highly-targeted phishing assault,” the assertion reads. “They gained entry to some inner paperwork, code, and a few inner enterprise techniques.”

The hacker, whoever they have been, managed to trick a Reddit worker into clicking on a “plausible-sounding” immediate that forwarded them to a “web site that cloned the habits of our intranet gateway, in an try and steal credentials and second-factor tokens.” After the hacker nabbed the person’s login credentials, they used them to entry “some inner docs, code, in addition to some inner dashboards and enterprise techniques,” as the corporate places it.

In its assertion, Reddit stresses that it doesn’t suppose customers have been impacted by the digital intrusion. “Based mostly on a number of days of preliminary investigation by safety, engineering, and knowledge science (and mates!), now we have no proof to recommend that any of your private knowledge has been accessed, or that Reddit’s info has been printed or distributed on-line,” the corporate says. Reddit used the chance to encourage Redditors to beef up their private account safety. “Since we’re speaking about safety and security, this can be a good time to remind you learn how to defend your Reddit account…Study learn how to allow 2FA in Reddit Assist.”

In terms of minor knowledge breaches, this isn’t Reddit’s first rodeo. The truth is, roughly 5 years in the past the platform posted a thread with an similar headline, saying that it had been hacked in a considerably related manner. It’s good that Reddit is being clear and candid with customers about this incident, though “we don’t suppose any of your knowledge was stolen” has an unlucky behavior of being what an organization says earlier than a bigger breach is introduced. That stated, there’s no indication that that’s the case right here—you understand, thus far.