If not for the ethics of it, it would make for an interesting study of the coding issues in practice in the industry.

Update: Far as I understand CDP is now (due to new evidence) afraid of employee and contractor data being spread over the net: Source:
https://arstechnica.com/gadgets/2021/06/cd-projekt-red-says-its-data-is-likely-circulating-online-after-ransom-attack/
https://www.cdprojekt.com/en/media/news/security-breach-update/

Should have put a tick in the 'privacy agreement' box. Then all the data would be perfectly safe ^_^

I forgot to post it, as i was banned during this time: my girlfriend got a notice from gmail that her GOG password was compromised (but not her email password). I'm not sure why google went out of it's way to say this, but it's worth noting.

Sounds like a vague automated system but if it does contain information I thought we had euro laws that obligated cdpr to inform anyone who may have had their info exposed.

There were a few other sites mentioned as well, but i remembered "this hack." Though, GOG violating laws wouldn't even begin to surprise me, at this point. I understand Poland's been sitting on a law that prohibits deleting posts on political grounds (or for simply being political), as well, although, as far as i know, it was not yet passed. I'm aware there's a few others gog might have violated. I have a screenshot of proof of a GOG staffer lying to customers (me specifically) and implicitly admitting it was a lie within the same post.


The thing is, though, why would an automated system target GOG specifically? How would an automated system know GOG was compromised or come to the conclusion?

Well, that's another in the bucket list of GDPR violations.

A friend of me called me a few days ago. He is ... kind of the dumbest PC user EVER! He wants to use his computer for browsing, music, having some pictures and videos on it and to write mails. Whenever there is some pop up telling him anything, he asks me for help - which is totally okay! It's just that most of the times the answer to his question is written in the same window... But that's okay, too!

Anyway... A few days ago he called me, because he got the exact same notification. He said he didn't even know the accounts! It was hard work to make him remember if he had any accounts on the sites where Google suspected a security breach. Eventually, it turned out that all the compromised or unsecure passwords were saved and synchronized with his Google account. He just didn't remember them...

So Google is probably keeping an eye on a crapload of domains and warns all its users about possible security issues if anything's looking sketchy.

What are you talking about, I didn't call you.

I figured that much, but to what extent are google's warnigns? I question if google knows something we don't.

Their warnings seem to be pure speculation. One of the compromised passwords was the password to an image folder, which could be reached by typing in an IP adress. My friend was on an event a few years ago and every guest got that link to download the pictures (if they wanted). The IP wasn't even online anymore. That's hardly any kind of security breach. That's nothing Google even should know about!

So it's paranoid. Odd though that they found out about it, though.