Reddit knew of ‘security incident’ since 19 June but only alerted users more than a month later
More than a month since it happened, Reddit has this week confirmed that it has suffered what it is calling a ‘security incident’.
“Network intrusions like this are inevitable,” explained Jason Hart, CTO of data protection at Gemalto. “The Reddit issue reinforces again that being breached is not a question of ‘if’ but ‘when’ and a multi-layered approach to security is needed.”
“Even with multi-factor authentication deployed, the Reddit breach still occurred,” said Hart. “Two years ago NIST made recommendations for companies to consider stronger forms of MFA like token-based authentication. Given today’s security climate, all online companies should use the forms of multi-factor authentication that are appropriate for the data assets being accessed as well as using encryption and key management to secure sensitive data.”
To read the full article click here.