reddit recently disclosed in their announcements feed of a security breach into their system which the hacker "managed to access some user data, including some current email addresses and a 2007 database backup containing old salted and hashed passwords." Include in the disclosed information was some reddit source code and some log files.
They went on to say in the announcement that the hacker did not obtain writing access into their system, but read-only. So the company urged users who have used the platform anywhere near 11 years ago to reset their password and consider enabling 2-factor authentication.
Jessica Marie, cybersecurity evangelist at WhiteHat Security, had this to say about the incident:
"Simply put, web applications are vital for today’s enterprises, offering a gateway to interact with consumers at any time, on any device. With so many consumers using web applications to access everything from their email to their bank accounts, security must be a top priority. According to WhiteHat Security research, web applications are consistently the most exploited means of entry into companies by hackers, and yet, companies are still failing to implement proper application security, to avoid being a vulnerable target.
"In the instance of reddit’s consumer data breach, it confirms again that security testing efforts are lacking and need to be the first step to protect against vulnerable targets, such as websites, databases, network connections, mobile applications, and APIs. With that said, we as users need to be better at taking security precautions, as well. I realize this is common sense, but it bears repeating:
Address:
3003 East Chestnut Expy
STE# 575
Springfield, Mo 65802
Phone: 1-844-277-3386
Fax:417-429-2935
E-Mail: contact@appdevelopermagazine.com