cross-posted from: https://chat.maiion.com/post/3401

Reddit’s week appears to have gone from bad to worse, as AlphV (aka BlackCat) has claimed that operators broke into Reddit’s servers on February 5, 2023, and took 80 GB of zipped data. . Furthermore, Reddit has been contacted by BlackCat, once on April 13 and again on June 16, with no response and no attempt to find out what was taken. Following recent fallout from the subreddit blackouts, and the controversial comments from CEO Steve Huffman, Reddit has been having a tough time in the eyes of its users who have been reportedly leaving the platform and setting up alternatives on the fediverse (such as Lemmy or kbin), used by the Twitter alternative Mastodon.

https://www.neowin.net/news/reddit-claimed-to-have-been-hacked-by-blackcat-and-it-has-threatened-to-leak-the-data/

https://www.databreaches.net/blackcat-claims-they-hacked-reddit-and-will-leak-the-data/

  • @NewEnglandBlueberry
    link
    English
    231 year ago

    If that includes user data (such as emails, phone #s, social media accounts, etc.) that’s bad news for all of us who have or had accounts with them.

      • @NewEnglandBlueberry
        link
        English
        6
        edit-2
        1 year ago

        They’re sign up options. You can sign up with Google, Apple, email and they ask users for their phone number for some reason as well iirc.

        • @[email protected]
          link
          fedilink
          English
          21 year ago

          I’m not nearly techy enough to discuss this in detail, but I thought that reddit itself doesn’t really see that data (google password), thought it was an API that validated the log in. I’d be very happy to be corrected if wrong, however.

          • @NewEnglandBlueberry
            link
            English
            2
            edit-2
            1 year ago

            Yes, that’s true for your Google password, but google does share your name, email and profile picture with the platform and “Third-party apps or services may use your email address, name, and profile picture in other ways as described in their privacy policy or elsewhere”. I’m not sure what Apple sign-in shares, but they probably give your email and name at a minimum.

    • @waigl
      link
      English
      151 year ago

      Good thing I never gave reddit any of those, despite their continued nagging over the years…

    • @[email protected]
      link
      fedilink
      English
      51 year ago

      the whole point of reddit is that it doesn’t have any of my user data, apart from what they can scrape from my browser such as IP address and browser fingerprint(s).