The uncounted number of Reddit accounts have been locked out due to the prevailing security risk found by the site admin. Staff member “Sporkicide” observed unauthorized access due to which the account access was taken from the users.
The Reddit notification post only disclosed that the “large number of accounts were locked down due to a security concern.” It wasn’t mentioned that what was the amount. However, the post from the staffer further says that the security concern refers to the odd behaviour unlike the normal activity.
Explaining the issue, admin indicated towards a common practice of keeping similar passwords for multiple accounts. Therefore, if any of the websites is hacked, the users and their credentials will be available to the attackers. In this case, these credentials could be applied to the other popular platforms including Reddit and if a user has been using similar credential combination for any other account, it could be at risk.
With the start of 2024, the credential stuffing attacks could become more popular as they are easily carried out with the help of automated software. This software injects the compromised credentials into many popular websites so that they can find maximum matches.
According to the Trend Micro prediction, “Breached credentials will be actively and heavily used in fraudulent transactions as cyber-criminals take the next logical step after amassing data breach info dumps in past years: using these stolen credentials.”
Last year, Reddit suffered a prominent attack in which immense user data was compromised. The attack was incited by the hackers via staff accounts which were accessed through intervening SMS-based two-factor authentication codes.
Responding to the post, many redditors have said that their account had unique and strong password for Reddit. Whereas, in the yesterday’s security notice, Sporkicide mentioned that within few hours the locked account holders will be able to reset their password. The notice states, “This will take the form of either a notification to the account (yes, you’ll be able to log in to get it) and/or an email to any support ticket you’ve already sent in.”
Reddit accounts are a great attraction for users because of the easy entry, high trust for accounts, and the opportunity to push malicious content and make it viral.
Admin requested the Reddit users to set a unique and strong password. He further added, “I also encourage you to take this opportunity to make sure your email address is up to date to enable automated password resets and to add two-factor authentication to further secure your account.”
Share this article
About the Author
Zehra Ali is a Tech Reporter and Journalist. She has done her Masters in Mass Communication. Topics related to cybersecurity, IoT, AI, Big Data and other privacy matters are extensively covered by her on various platforms. You can follow her on twitter.More from Zehra Ali
Passengers’ Data Stored on User Devices, not on DigiYatra Storage, says India Govt
Watch Prime Videos With Full Catalog and Unblocked Access Unblocking streaming content from Amazon P...
NCSC Chief: Clear Rules Needed to Prevent Cyberspace Conflict and Struggle
A safe and secure digital world necessitates a clear definition and enforcement of international cyb...
‘Revive’ has been upgraded to a banking Trojan on Android
This month, Cleafy’s security researchers discovered a new Android Banking Trojan in the wild....
Asian Industrial Control Systems Targeted by Hackers Using the Shadowpad Backdoor
Unpatched Microsoft Exchange servers in various Asian countries were the target of an attack campaig...
Data Breaches Could Occur Due to Kubernetes Misconfigurations That Were Leaked.
Over 900,000 Kubernetes (K8s) have been discovered to be vulnerable to malicious scans and/or data-e...
Attacks by Cybercriminals Will Become the Main Threat in 2024. Privacy Issues Tendencies
Internet Privacy is the main Concern today Advertisers track your online activities and interf...