Reddit suffered a cyberattack on Sunday evening that allowed hackers to access internal business systems and steal internal documents and source code

The company claims that the hackers used phishing targeting Reddit employees with a landing page impersonating its intranet site. This site tried to steal employee credentials and 2fa.

After one employee fell victim to the phishing attack, the hacker was able to break into Reddit’s internal systems to steal data and source code.

Reddit says it became aware of the breach after the employee self-reported the incident to the company’s security team.

https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/