cross-posted from: https://chat.maiion.com/post/3401

Reddit’s week appears to have gone from bad to worse, as AlphV (aka BlackCat) has claimed that operators broke into Reddit’s servers on February 5, 2023, and took 80 GB of zipped data. . Furthermore, Reddit has been contacted by BlackCat, once on April 13 and again on June 16, with no response and no attempt to find out what was taken. Following recent fallout from the subreddit blackouts, and the controversial comments from CEO Steve Huffman, Reddit has been having a tough time in the eyes of its users who have been reportedly leaving the platform and setting up alternatives on the fediverse (such as Lemmy or kbin), used by the Twitter alternative Mastodon.

https://www.neowin.net/news/reddit-claimed-to-have-been-hacked-by-blackcat-and-it-has-threatened-to-leak-the-data/

https://www.databreaches.net/blackcat-claims-they-hacked-reddit-and-will-leak-the-data/

  • NewEnglandBlueberry@lemmy.world
    link
    fedilink
    English
    arrow-up
    24
    ·
    1 year ago

    If that includes user data (such as emails, phone #s, social media accounts, etc.) that’s bad news for all of us who have or had accounts with them.

      • NewEnglandBlueberry@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        edit-2
        1 year ago

        They’re sign up options. You can sign up with Google, Apple, email and they ask users for their phone number for some reason as well iirc.

        • Moonguide@lemmy.ml
          link
          fedilink
          English
          arrow-up
          0
          ·
          1 year ago

          I’m not nearly techy enough to discuss this in detail, but I thought that reddit itself doesn’t really see that data (google password), thought it was an API that validated the log in. I’d be very happy to be corrected if wrong, however.

          • NewEnglandBlueberry@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            Yes, that’s true for your Google password, but google does share your name, email and profile picture with the platform and “Third-party apps or services may use your email address, name, and profile picture in other ways as described in their privacy policy or elsewhere”. I’m not sure what Apple sign-in shares, but they probably give your email and name at a minimum.

    • waigl@lemmy.world
      link
      fedilink
      English
      arrow-up
      13
      ·
      1 year ago

      Good thing I never gave reddit any of those, despite their continued nagging over the years…

    • eee@lemm.ee
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      the whole point of reddit is that it doesn’t have any of my user data, apart from what they can scrape from my browser such as IP address and browser fingerprint(s).