Reddit Is Covering Up Scale Of Data Breach Exposing Users’ Real Identities

Share This Article

Social media site Reddit is attempting to cover up the scale of a massive data breach that has exposed thousands of its users real identities. 

Reddit, the fourth most popular website in the US, quietly informed its users yesterday that a data breach had leaked user information. However, the actual truth is more disturbing.

Personal email address connected to thousands of accounts have been revealed, linking real names with Reddit accounts. This makes their past post history — on a site that sells itself on anonymity — a target that can be scraped to reveal plenty of private, highly personal details.

For years Reddit has encouraged people to openly engage in discussions where they reveal deeply personal details, bare their souls, and post fantasies and kinks. Steve Huffman, the site’s co-founder and CEO, has previously saidthat “privacy is built into Reddit.” It is the anonymity that Reddit promises that makes the site “more like a conversation one has in real life,” Huffman claims.

This breach originally occurred at TypeForm, but because Reddit required users to enter their usernames on that third-party site, their privacy is now compromised and their real identities have been exposed.

Screenshots of the Reddit announcement regarding the data breach can be seen below:

With credentials being bought and sold on the dark web for serious money, significant breaches – often in the millions, and sometimes including card data – seem to be more and more commonplace.

Based on the data stolen, here are specific types of information that are of value to cybercriminals. According to TrendMicro, hackers search for these data because they can be used to make money by duplicating credit cards, and using personal information for fraud, identity theft , and even blackmail. They can also be sold in bulk in deep web marketplaces.

  • Member name
  • Date of birth
  • Social Security number
  • Member identification numbers
  • Email address
  • Mailing and/or physical address
  • Telephone numbers
  • Banking account numbers
  • Clinical information
  • Claims information

End users are almost never the target of cybercriminals who are out to steal sensitive information in bulk, unless an individual is connected to an industry (for example, Spear Phishing). However, end users can be affected when their records were part of the information stolen from big companies. In such cases, it is best to take note of the following practices.

  • Notify your bank. Verify your account details and change PIN codes.
  • Double check email addresses from incoming emails. Cybercriminals can pose as bank representatives and ask for credentials.
  • Do not click suspicious looking links or download files from unknown sources.
  • If credentials or financials have been tampered, contact the breached company and ask if they can assist in enrolling in a fraud victim assistance program.
Did you like this?
Tip admin with Cryptocurrency

Donate Bitcoin to admin

Scan to Donate Bitcoin to admin
Scan the QR code or copy the address below into your wallet to send some bitcoin:

Donate Bitcoin Cash to admin

Scan to Donate Bitcoin Cash to admin
Scan the QR code or copy the address below into your wallet to send bitcoin:

Donate Ethereum to admin

Scan to Donate Ethereum to admin
Scan the QR code or copy the address below into your wallet to send some Ether:

Donate Litecoin to admin

Scan to Donate Litecoin to admin
Scan the QR code or copy the address below into your wallet to send some Litecoin:

Donate Monero to admin

Scan to Donate Monero to admin
Scan the QR code or copy the address below into your wallet to send some Monero:

Donate ZCash to admin

Scan to Donate ZCash to admin
Scan the QR code or copy the address below into your wallet to send some ZCash: