On Wednesday, August 1st, Reddit announced that it had uncovered a data breach, according to NBC News. Hackers were apparently able to access a database containing email addresses linked to user accounts, including email addresses from some current accounts as well as a 2007 database backup that included old passwords that had been “salted and hashed” (in layman’s terms, they were scrambled for digital security protection).
Hackers were also reportedly able to access email addresses and public and private messages in the old database, Mac Rumors and other outlets reported.
Reddit reportedly sent an email to all affected users, which was mainly people who joined Reddit in 2007 or before. That’s a great proactive step, and it’s certainly better for those who might have been affected by the security breach to know sooner rather than later.
But this breach is clearly very serious, especially for a site that allows users to be fairly anonymous in their correspondence if they choose to be. It is possible that a database of emails connected to Reddit usernames could make it easier to link anonymous accounts to people’s identities, NBC News pointed out.
So what should you do if you were impacted by the Reddit security breach, or if this ever happens on another online forum you’re a member of?
The truth is, you can’t just delete your Reddit account and hope for the best. The information is out there, but there are steps you can take to protect your account on the site or on any sites where this could happen (and really, it could happen anywhere).
Reddit is recommending that users who are using passwords similar to the ones they had in 2007 should change them, but it’s probably not a bad idea to change your security login info even if you know you’ve changed your password and such since then.
Reddit also recommended that users enable two-factor authentication; take advantage of that extra security step is important whenever it’s available. Even if you weren’t specifically impacted by the Reddit breach, changing your password and setting up the authentication is a definite better-safe-than-sorry move.
Running a dark web scan to see if any of your information, like your phone number or email address, are floating around the web, and monitoring your identity online is never a bad idea either. If you’re not sure how to do all of that, a digital security expert can help.
It’s a good idea to always be careful about what you share online, but security breaches happen. The best thing you can do after they occur is take proactive, appropriate steps to protect your information and identity, on Reddit or any other corner of the web.
Thierry LeVasseur 