I'm starting am engineering job at a FAANG in a few weeks. They already had me sign something agreeing to not do anything with the data of someone I know in the course of my work, told me access is monitored, not to make actual changes to people's accounts because hacking isn't distinguishable from admin changes by users, if something accidentally happens, notify a specific group so they can reach out to the user.

It feels like they take privacy really seriously, but at the end of the day, yes, employees do have access to your data, so before giving any company your unencrypted data, think hard about it.

Fun story: A GitHub employee renamed my user account because his buddy wanted the name. Nothing was ever done about it.

Do you have any more details about this?

They said someone at Google, not everyone at Google.

How do you know it was an inside job?

Because I used an extremely long password and I used the same password for my gmail and iCloud. And none of them were touched or accessed based on ip access history.