Reddit announced that its internal systems were breached on Feb. 5 as the result of an employee credential compromise.
The company said a “sophisticated and highly-targeted” phishing attack was able to trick a single employee into giving up their login information.
The cyberattackers then gained access to code and some internal data, including advertiser and employee information. Reddit user data was not affected, however, the company said.
“Based on several days of initial investigation by security, engineering, and data science (and friends!), we have no evidence to suggest that any of your non-public data has been accessed, or that Reddit’s information has been published or distributed online,” the company said.