Reddit has reset over 100,000 account passwords after identifying a surge in account takeovers, which moderators believe can be attributed to the recent slew of massive data dumps posted online by malicious hackers. Reddit, however, maintains that it has not been hacked and in efforts to err on the side of caution is ramping up its security measures.
Reddit founding engineer Christopher Slowe said in a post: “If you haven’t seen it in the news, there have been a lot of recent password dumps made available on the parts of the internet most of us generally avoid. With this access to likely username and password combinations, we’ve noticed a general uptick in account takeovers by malicious (or at best spammy) third parties.”
He added: “Reddit itself has not been exploited, but even the best security in the world won’t work when people are reusing passwords between sites. We’ve ramped up our ability to detect the takeovers, and sent out 100,000 password resets in the last two weeks. More are to come as we continue to verify and validate that no one except for you is using your account.”
Reddit has also cautioned that the accounts that have been abandoned by users and remained inactive for several years will have their passwords reset. Account-holders who do not want to see their old accounts disabled will have to log in within 30 days of the account’s password having been reset. For the full article click here
from hacker samurai
No comments:
Post a Comment