Massive X data leak affects over 200 million users.

mooncake@lemm.ee

Bluesky people why are people still using Twitter?

mbirth@lemmy.ml

My email provider allows for unlimited aliases. So, while I have 600+ email addresses, emails to them all end up in the same mailbox.

The accounts for all the websites and services (with their specific email address) are in a KeePass database and they all have random passwords, too.

The only small issue is when you have to contact support of some service. Then, I have to configure the specific email address in my client so they can match that to my account with them. But most email clients allow multiple sender addresses without having to fiddle with the rest of the settings.

Guest

Yes, and Bitwarden+SimpleLogin. Bitwarden to keep track of login info including the alias that is used for that site. SimpleLogin is where the aliasing is actually handled, they have a decent UI for enabling/disabling or generating reverse aliases (for outgoing emails) when needed.

It does take a little more effort to manage it, but it’s worth the payoff. I’ve been using this setup for about 9 months now and I finally got my first spam email a week ago. I looked at the address it was sent to, it was a site I ordered something from about 6 months ago. I sent them a message letting them know that either someone at their company is selling customer info to scammers or their database has been leaked, then I shut off the alias.

partial_accumen@lemmy.world

My email provider allows for unlimited aliases. So, while I have 600+ email addresses, emails to them all end up in the same mailbox.

I do this too. The unique email address I create for each is identifiable to the place I'm using it. This has other benefits. If an organization you created and account with sells or has a data breech you know exactly which company it was when you start receiving spam or phishing email directed to that address. This is also nice because you can "black hole" that email address and all the spam goes with it even future spam not sent yet.

homesweethomemrl@lemmy.world

In July 2022, Twitter confirmed that someone had exploited the vulnerability before it could be fixed. “After reviewing a sample of the data offered for sale, we confirmed that a malicious party had taken advantage of the problem before it was addressed,” Twitter stated at the time.

lol

uranibaba@lemmy.world

Anyone know where these files where originally posted?

homesweethomemrl@lemmy.world

That's re-victimization. People do people stuff, like using social networks.

Giving one's real name and real information to a social network who is intending to track everything one does or says and the people one does or says it with is idiocy and it has never not been.

People do people stuff like not listening to people who have constantly been telling them not to push the button.

People stuff also includes continuing to use these horror networks for years after knowing full well they shouldn't.

mbirth@lemmy.ml

Exactly! I add a random string to each email address, too, so you can’t just guess other addresses. So, it’s usually something similar to [email protected]. And, whenever a breach happens, I’ll generate a new random part and set that as my email address and invalidate the old one. Until the next breach. (Looking at you, LinkedIn…)

ploot@lemmy.blahaj.zone

My email provider will auto-generate aliases with no limit, and I also subscribe to Mozilla Firefox Relay, which allows me to invent email addresses on the fly and have them relay emails to my inbox. The advantage of the Firefox Relay is that it isn't tied to the email provider so if I switch provider the aliases can still work.

pirata@lemm.ee

I'm fairy sure the guy above said "use X" not use social media. X is a particularly shitty platform.

Guest

Bluesky will be in the same boat given enough time. Mastodon is the only proper stand-in for twitter.

hayduke@lemmy.world

That’s like, 400 actual non-bot accounts. Nobody is safe anymore!

peereboominc@lemm.ee

That is clever!

catzoomies@lemmy.world

This is what I do as well. I purchased my own custom domain name and run aliases off it using Addy. So as an example, an email for an online account would look like: ‘[email protected]’

Then I feed these accounts into a password manager so I don’t have to remember them.

All the aliases forward mail directly to my main inbox. Companies never see what my real address is. If I get spam, I know which company either sold my data or leaked my data. I can then take action by simply turning off that email alias and then spinning up a new one.

The best thing about owning your custom domain is that you’re in control and never have to change your email addresses. If I want to move to a new email provider, I can easily do that. The process, simplified:

• Buy a domain name
• Sign up for an email account at Tuta, Mailbox, etc.
• Set up your custom domain at that provider.
• Go to your Domain provider and update your MX records so that it syncs with the email provider.
• if you want to switch email providers, get a new one and then update your MX records to point to the new provider.

booly@sh.itjust.works

The actual data compromise happened sometime before July 2022, months before Elon's purchase of Twitter happened. Telling people they shouldn't have registered their real phone numbers to Twitter in 2015 or whatever isn't really a helpful argument to make today.

ripcord@lemmy.world

OK but it's not even remotely close today.

someguy3@lemmy.world

Quick everyone do their banking on it!

gedaliyah@lemmy.world

So what is that, like 6 or 7 people?

transsynthesist@lemmy.blahaj.zone

I think they mean 40 million users and 160 million bots.

cosmicturtle0@lemmy.dbzer0.com

I was just about to ask. I know that there was a clearnet site for data breaches but that's since been taken by the DOJ.

I imagine there's an onion site but my onion experience is very little to know where to even begin to look. My searches on torch found very little.