Social news aggregation site Reddit was breached in June. Attackers bypassed the company’s SMS-based two-factor authentication system. Reddit founder: “We point this out to encourage everyone here to move to token-based 2FA” Reddit says it’s reported the intrusion to law enforcement and is participating in an ongoing investigation. Anyone who sent private messages via Reddit from 2007 or before could have had their messages exposed and some current members’ Reddit email digest subscriptions were also exposed, the U.K.’s National Cyber Security Center says in its post-breach advice for Reddit users.”]
Source: https://www.govinfosecurity.com/reddit-says-attackers-bypassed-sms-based-authentication-a-11273