Reddit, one of the most popular sites on the internet, fell victim to a cyberattack in June, the company revealed today, allowing hackers to steal email addresses and passwords of what the company calls a "small number" of users.
The attack happened despite Reddit's use of two-factor authentication, which relies on two separate factors, like a password and an SMS message. In this case, the SMS messages were intercepted, according to the company. The incident will prompt it to move to a stronger "token-based" authentication. Google recently began offering this type of authentication, and says it has successfully been used to ward off attacks like the one Reddit says it fell victim to.
The incident comes at a time when Reddit is trying to change its business model to make money off of its vast audience through targeted advertising, a move that's rankled some members of its community, which have traditionally skewed from support groups to those with shared pornography interests.
Reddit has become one of the five most popular sites on the internet, with more than 330 million monthly visitors, CNBC has previously reported. The company, which raised $200 million at a valuation of $1.8 billion last year, is making a push to sell more advertising in an attempt to reach the kind of business success that other high-traffic social networks, such as Facebook and Twitter, enjoy.