cross-posted from: https://chat.maiion.com/post/3401
Reddit’s week appears to have gone from bad to worse, as AlphV (aka BlackCat) has claimed that operators broke into Reddit’s servers on February 5, 2023, and took 80 GB of zipped data. . Furthermore, Reddit has been contacted by BlackCat, once on April 13 and again on June 16, with no response and no attempt to find out what was taken. Following recent fallout from the subreddit blackouts, and the controversial comments from CEO Steve Huffman, Reddit has been having a tough time in the eyes of its users who have been reportedly leaving the platform and setting up alternatives on the fediverse (such as Lemmy or kbin), used by the Twitter alternative Mastodon.
https://www.databreaches.net/blackcat-claims-they-hacked-reddit-and-will-leak-the-data/
If that includes user data (such as emails, phone #s, social media accounts, etc.) that’s bad news for all of us who have or had accounts with them.
Why would reddit have your phone #s, social media accounts, etc?
Adbux
They’re sign up options. You can sign up with Google, Apple, email and they ask users for their phone number for some reason as well iirc.
I’m not nearly techy enough to discuss this in detail, but I thought that reddit itself doesn’t really see that data (google password), thought it was an API that validated the log in. I’d be very happy to be corrected if wrong, however.
Yes, that’s true for your Google password, but google does share your name, email and profile picture with the platform and “Third-party apps or services may use your email address, name, and profile picture in other ways as described in their privacy policy or elsewhere”. I’m not sure what Apple sign-in shares, but they probably give your email and name at a minimum.
Good thing I never gave reddit any of those, despite their continued nagging over the years…
the whole point of reddit is that it doesn’t have any of my user data, apart from what they can scrape from my browser such as IP address and browser fingerprint(s).