Reddit Is Covering Up Scale Of Data Breach Exposing Users’ Real Identities

Fact checked
Social media site Reddit is attempting to cover up the scale of a massive data breach that has exposed thousands of its users real identities. 

Social media site Reddit is attempting to cover up the scale of a massive data breach that has exposed thousands of its users real identities. 

Reddit, the fourth most popular website in the US, quietly informed its users yesterday that a data breach had leaked user information. However, the actual truth is more disturbing.

Personal email address connected to thousands of accounts have been revealed, linking real names with Reddit accounts. This makes their past post history — on a site that sells itself on anonymity — a target that can be scraped to reveal plenty of private, highly personal details.

For years Reddit has encouraged people to openly engage in discussions where they reveal deeply personal details, bare their souls, and post fantasies and kinks. Steve Huffman, the site’s co-founder and CEO, has previously said that “privacy is built into Reddit.” It is the anonymity that Reddit promises that makes the site “more like a conversation one has in real life,” Huffman claims.

This breach originally occurred at TypeForm, but because Reddit required users to enter their usernames on that third-party site, their privacy is now compromised and their real identities have been exposed.

Screenshots of the Reddit announcement regarding the data breach can be seen below:

With credentials being bought and sold on the dark web for serious money, significant breaches – often in the millions, and sometimes including card data – seem to be more and more commonplace.

Based on the data stolen, here are specific types of information that are of value to cybercriminals. According to TrendMicro, hackers search for these data because they can be used to make money by duplicating credit cards, and using personal information for fraud, identity theft , and even blackmail. They can also be sold in bulk in deep web marketplaces.

  • Member name
  • Date of birth
  • Social Security number
  • Member identification numbers
  • Email address
  • Mailing and/or physical address
  • Telephone numbers
  • Banking account numbers
  • Clinical information
  • Claims information

End users are almost never the target of cybercriminals who are out to steal sensitive information in bulk, unless an individual is connected to an industry (for example, Spear Phishing). However, end users can be affected when their records were part of the information stolen from big companies. In such cases, it is best to take note of the following practices.

  • Notify your bank. Verify your account details and change PIN codes.
  • Double check email addresses from incoming emails. Cybercriminals can pose as bank representatives and ask for credentials.
  • Do not click suspicious looking links or download files from unknown sources.
  • If credentials or financials have been tampered, contact the breached company and ask if they can assist in enrolling in a fraud victim assistance program.
Baxter Dmitry

Baxter Dmitry

Baxter Dmitry is a writer at The People's Voice. He covers politics, business and entertainment. Speaking truth to power since he learned to talk, Baxter has travelled in over 80 countries and won arguments in every single one. Live without fear.
Baxter Dmitry


  1. anything digital or on the computer has or can be hacked. our NSA has done it illegally too. why all the money funnelled to the federal govt to protect cybersecurity apparently has been pissed off and not used for cybersecurity.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.