A major security breach at Reddit has left sensitive details of users in the hands of hackers, including their email addresses, private messages and usernames.

The online discussion board, which prides itself on providing anonymity, said hackers compromised employees' accounts by gaining access to two datasets.

The first contained old user information from May 2007. Hackers were able to gather information including usernames, email addresses, private messages and encrypted passwords. Users affected have been informed.

Hackers were also able to access a database relating to the site’s newsletter. The information in the database included usernames and associated email addresses. Together, these details could be used to work out the real identities of Reddit users by linking it to site activity.

Reddit, which is known as "the front page of the internet", reported the breach mostly affected accounts made from between 2005 and 2007, early in the site's history.

It did not confirm how many accounts were affected. However, the site had 36 million accounts as of 2015, so the number from a decade ago would be significantly lower.

Security experts have slammed Reddit for refusing to contact users who had their details stole in the second breach.

Cyber security expert Troy Hunt told the Telegraph: "Not contacting people who had their username and email addresses exposed is a very odd move because there are obvious privacy ramifications. Everyone should get an email."