Reddit says attackers bypassed its SMS-based two-factor authentication system. The social news aggregation site suffered a data breach in June. “If you signed up for Reddit after 2007, you’re clear,” Reddit’s founding engineer says. Reddit has added a slew of security improvements, including logging and encryption. Security experts remind users that they should be using a strong authentication system, not a “spoof” or “phishing” attack. The attack is notable in part because attacker bypassed Reddit’s SMS–based TFA – aka 2FA – system.”]
Source: https://www.cuinfosecurity.com/reddit-says-attackers-bypassed-sms-based-authentication-a-11273