Reddit 广告支持正在泄露个人身份信息(PII),并且正在主动跨越用户会话。
我在过去一周内一直在处理一个Reddit广告账户的问题,这个问题迅速升级为严重的隐私和安全警告。看起来他们的客户支持工具(或者说代理本身)正在主动泄露个人身份信息(PII),并完全混淆用户会话。
在过去一周内,我在他们的在线聊天中经历了三次独立事件:
事件1:账户交叉污染(2月14日)
在与一名代理(Sonam B)聊天时,他们竟然将我的个人邮箱与一个完全无关、名字奇怪的广告账户(“No Panties Games Ad Account”)关联在一起。当我指出他们在我的邮箱旁边粘贴了与其他人账户相关的数据时,他们试图将其搪塞为一个“错误”,并告诉我“请忽略”。
事件2:直接的个人信息泄露(2月20日)
今天,在与另一名代理(Naheeda M)跟进此问题时,他们 inexplicably地在我们的聊天中泄露了一个完全不同广告主的电子邮件地址(info@<i>已编辑</i>.com)和完整的法律商业实体名称。
事件3:完全的会话混淆和错误归属(2月20日)
就在同一聊天中几分钟后,情况变得更糟。尽管我显然已登录到自己的账户,代理却告诉我:“您当前登录的广告账户是u/Teor<i>已编辑</i>,广告正在以此用户名发布。对吗?”
这已经不仅仅是一个剪贴板问题。这强烈表明他们的支持仪表板(Zendesk/Salesforce或内部管理工具)存在严重的后端映射失败,完全错误地归属了活动会话、用户账户和广告发布数据。
如果他们的支持代理看到我登录到其他人的账户,并声称广告正在以该用户名发布,这就引发了巨大的疑问:
1. 代理是否在以为是我的账户的情况下对其他人的广告活动进行更改?
2. 广告支出是否被错误地计入了其他账户?
3. 目前谁在查看我的账单详情、法律名称和广告活动?
鉴于他们的一级工具目前似乎如此不堪,我想立即在这里提出警告。最近有没有其他使用Reddit广告的人注意到他们的支持代理泄露数据或混淆账户的情况?
查看原文
I have been dealing with a Reddit Ads account issue over the last week, and it has quickly escalated into a severe privacy and security red flag. It appears their customer support tools (or the agents themselves) are actively bleeding PII and crossing user sessions entirely.<p>Over the last week, I have experienced three separate incidents in their live chat:<p>Incident 1: Account Cross-Contamination (Feb 14)
While chatting with an agent (Sonam B), they managed to associate my personal email to a completely unrelated, bizarrely named ad account ("No Panties Games Ad Account"). When I pointed out they were pasting data related to someone else's account alongside my email, they tried to brush it off as an "error" and told me to "kindly ignore."<p>Incident 2: Direct PII Leak (Feb 20)
Today, while following up on the issue with a different agent (Naheeda M), they inexplicably dropped the email address (info@<i>REDACTED</i>.com) and the full legal business entity name of an entirely different advertiser into our chat.<p>Incident 3: Total Session Confusion and Misattribution (Feb 20)
Just minutes later in that same chat, things got much worse. While I was clearly logged into my own account, the agent told me: "The ad account you're currently signed into is u/Teor<i>REDACTED</i>, and ads are getting published with this username. Is that correct?"<p>This is no longer just a clipboard issue. This strongly suggests a severe backend mapping failure in their support dashboard (Zendesk/Salesforce or an internal admin tool) that is completely misattributing active sessions, user accounts, and ad publishing data.<p>If their support agents are seeing me as logged into someone else's account and claiming ads are publishing under that username, it raises massive questions:
1. Are agents making changes to other people's ad campaigns thinking it's my account?
2. Is ad spend being billed to the wrong accounts?
3. Who is currently seeing my billing details, legal name, and campaigns?<p>Given how broken their Tier 1 tools appear to be right now, I wanted to raise the flag here immediately. Has anyone else running Reddit Ads noticed their support agents leaking data or confusing accounts recently?