The criminal group behind the February Reddit hack is now demanding $4.5 million and the dropping of API changes, or the stolen data will be published.
In the absence of literally any evidence at all to the contrary, I’m inclined to believe them for now. They seem to have followed protocol on everything else from what I’ve read.
I try to be skeptical until the whole story comes out. Neither party is particularly trustworthy but I have zero confidence in anything that reddit corporate says these days.
They can 100% know what was accessed and what wasn’t. This didn’t just happen, it happened in February and their SOC team or an external company would have conducted a full sweep as they’re legally required to disclose what was breached in many of the territories they operate in, which they did four days after the incident took place. I know it’s on trend to hate Reddit right now, but it’s not some one man operation running on a dusty old server in a garage, it’s something like the 20th most visited website on the entire internet, and that comes with certain legal obligations. They know what they’re doing and clearly take this kind of thing seriously.
You don’t have to believe them, but there’s no proof that any user data was breached and they seem to have followed the proper protocols so far. Unless anything else comes out, I’m inclined to believe that they’re telling the truth, or at least not lying.
When it comes to legal obligations… Reddit is currently very hard violating EU laws, they don’t know shit or think it’s ok to ignore (mainly spez does).
No user data was accessed according to Reddit.
A super trustworthy source as we all know.
In the absence of literally any evidence at all to the contrary, I’m inclined to believe them for now. They seem to have followed protocol on everything else from what I’ve read.
I try to be skeptical until the whole story comes out. Neither party is particularly trustworthy but I have zero confidence in anything that reddit corporate says these days.
See, there is the problem, “according to reddit” they probably don’t even know themselves currently. I don’t believe them anyway.
They can 100% know what was accessed and what wasn’t. This didn’t just happen, it happened in February and their SOC team or an external company would have conducted a full sweep as they’re legally required to disclose what was breached in many of the territories they operate in, which they did four days after the incident took place. I know it’s on trend to hate Reddit right now, but it’s not some one man operation running on a dusty old server in a garage, it’s something like the 20th most visited website on the entire internet, and that comes with certain legal obligations. They know what they’re doing and clearly take this kind of thing seriously.
You don’t have to believe them, but there’s no proof that any user data was breached and they seem to have followed the proper protocols so far. Unless anything else comes out, I’m inclined to believe that they’re telling the truth, or at least not lying.
When it comes to legal obligations… Reddit is currently very hard violating EU laws, they don’t know shit or think it’s ok to ignore (mainly spez does).