Reddit, the website supporting discussion and content ratings, has confirmed it was subject to a data breach, affecting all data held in 2007 and before and email digests sent in June of this year.
“Although it was a serious attack,” said Reddit in a statement, “the attacker did not gain write access to Reddit systems; they gained read-only access to some systems that contained backup data, source code and other logs.”
Jason Hart, CTO, Data Protection at Gemalto said: “Network intrusions like this are inevitable. The Reddit issue reinforces again that being breached is not a question of ‘if’ but ‘when’ and a multi-layered approach to security is needed. Even with multi-factor authentication deployed, the Reddit breach still occurred. Given today’s security climate, all online companies should use the forms of multi-factor authentication that are appropriate for the data assets being accessed as well as using encryption and key management to secure sensitive data.”
To read the full article click here.