But it's not just principle, it's also practicality. They clearly already had whatever they got, and since it's data, there's no way for them to give it back, or even to prove that it has been destroyed. So let's say I had paid them $500 worth of BTC last night (which would have been difficult in any case because I do not own any crypto, nor do I have an account with anyplace that would let me buy and transmit it). What would prevent them from coming back tonight and demanding $1000? Or tomorrow and demanding $5000?
Then there is the question of ethics. The only thing they really had to hold over my head was the idea that I could keep you folks, my customers, from finding out that there had been a data breach, and thus I wouldn't be embarrassed, or have my reputation damaged. Would it have been ethical of me to try to keep the breach a secret? I don't think so! I mean, does anyone think they wouldn't add whatever they got to the databases of such stuff that surely exist in the dark corners of the internet, even if I did pay them?
Nope, the only sensible way to handle this was for me to be honest with you guys immediately, and by doing that they have absolutely nothing to hold over my head, or any of yours either.
Mate of mine once had this. He kept insisting he should receive an invoice, otherwise he could not justify spending money without a trace.
But I think the way Uwe acted is the only right way of doing so. Exactly for the reasons he states. Data is easily copied, transferred and there is no way to prove you destroyed it. And even if you did, there are many ways to un-delete it.
And a pro tip if you haven't already activated it: activate two-step authentication for your forum account. This will prevent a change of your password if your account gets leaked, as hackers cannot change the authentication email, and the codes for the backup method are also not visible.
Coming from (cough) years of software, systems, infrastructure, etc...
Good call all around. Even if it is the right choice, it isn't always the easy choice. To Uwe's point, the compromised data isn't exactly high risk PII. That helps.
Thanks for the transparency.
Was happy to see a 2FA option when I signed up. For something like a forum it is still a great way to keep someone from logging into an account with a compromised password. And I do think it worthwhile even for forums.
And having been through a number of all-night systems emergencies, I hope y'all are able to catch up on some deserved sleep. Wish I could help.