So they “broke into Reddit” back in February and contacted Reddit in April. After Reddit didn’t react they contacted them again a few days ago at this very opportunistic time.
They never specified exactly what kind of data they stole, nor did they prove it by providing samples.
For all we know this story could be entirely made up and they actually have nothing.
But even if they have something, them trying to come across as the good guys in this is so weird to me. No, you’re not the good guys. You are criminals.
February? Then I believe they have obtained a full copy of all posts and comments on the site. /s
(For those who don’t get the joke: https://github.com/Watchful1/PushshiftDumps - full dumps of all Reddit data up to February exist, and I think archive.org has the March file too)
I want the API changes reverted as much as any other Reddit refugees here, but I can’t stand behind this kind of malfeasant extortion.
Not only is it blatantly obvious they’re using the API change rhetoric as a means of irritating Reddit into giving them their hush money, it also avts towards delegitimising all protest efforts made by the Subreddits thus far
But as the text says, this extortion began 5 days before the API changes were even announced. These criminals don’t give a f*ck about the API and threaten to leak the data of those same users they’re claiming to protect.
I think we should just ignore this, because it’s a distraction for public pressure and will only make Reddit look better - either by delegitimising the protest or by making them look like a victim instead of the perpetrator they are.
Karma IS a bitch, but I for one am still not going to stand behind illegalities like this. It’s not the way.
As I said before, these hackers don’t care. The grandstanding is their way of getting attention off the backs of the protests. All supporting these criminals does is delegitimise the real protest by making Reddit look like the victim.
That aside, even from a practical standpoint this wouldn’t work longterm. If extorted into backpeddalling, Reddit will just quietly up their data security, and once they’ve made sure the threat of a leak is dealt with, they’ll go right on back to the API change.
While I agree with you, it’s also hard for me to feel bad for Reddit in this scenario.
I think it’s not relevant to our cause either way and it’s something that will be forgotten about eventually even if whatever data gets leaked publicly.
We just gotta focus on making Lemmy better and more desirable.
Ransomware operators are scum and should not be trusted, let alone paid.
Not that this isn’t scummy but my understanding is that “ransomware” refers to software that locks a user or organization out of their systems until a fee is paid, generally my encrypting the disk.
This seems like a more traditional “hack” of a system where you get in and download data. Which makes threatening them is traditional blackmail.
I’ll have more respect if it were done by disgruntled employees, but this blackmail is done by a ransomware operator.
Yup. They absolutely shouldn’t pay, for decision theoretic reasons, but that doesn’t mean there won’t be interesting fireworks to watch.
Is it weird that I kind of want both groups to lose out here?
Nah you’re not going to catch me rooting for a ransomware attacker