The criminal group behind the February Reddit hack is now demanding $4.5 million and the dropping of API changes, or the stolen data will be published.
No website is invulnerable. Since we know from Reddit’s godawful official app they don’t do development very well, no doubt the website also has vulnerable holes.
No website is invulnerable. Since we know from Reddit’s godawful official app they don’t do development very well, no doubt the website also has vulnerable holes.
They didn’t access the data through a vulnerability in the code, they phished some employee credentials and access it that way.
That in itself is a vulnerability. In my company we check for impossible travel, browser variance, etc. Credentials are only one aspect of this.
True, I just interpreted your comment differently to that.