I get really annoyed when companies gather my info because I've seen it from the other side. Think you're safe from being tracked? I always remember this one guy who one of my previous teams decided to keep an eye on just for amusement. They did so for a whole year. You don't need a whole company tracking you, just bored employees. Not caring about your data being harvested is sheeple mentally.
Discussion
tell us more about the other side...
PCC already has telegram bots for telephone extorsion scams, with your personal basic info (name, CPF, mother, address, etc) and car plate tracking from public surveillance cameras
Why couldn't they pay/blackmail some IT/dev guy to get browser data, from individuals or whole DBs?
I'm pretty sure they already do. I worked at a company where a group was offering $10k to help them get access to the database or VPN. The problem with dealing with them is that there's no guarantee they'll pay you, much like what happened in the previous UnitedHealth attack where the MITM didn't get paid. The main issue is that people think of companies as a single entity, a soulless machine, but that's not how things work. Sometimes, a couple of guys inside a really big organization have access to everything their customers do, and it's just a matter of them being malicious about it, like the case I mentioned. I can't give more specifics because that would be a good way to dox myself even further.