There are good lists of breaches but few describing what happened to the people afterwards. Credit card theft resulting in a loss being the most obvious one.
Such concrete (real) examples would help me to argue with people who say: all this non-sense about data privacy. What would anyone want to do with your data anyways?
First, you have those who stormed the Capitol and were identified by the NYT based on their phones location [1]. You also have the Substack that used location data to publicly out a priest as gay [2].
You then have the companies selling location data of people who visit abortion clinics [3]. They obtain this location from SDKs that they deploy via apps you may already be using. And if you want to get more dystopian remember that Texas allows citizens to sue anyone for "aiding or abetting a post-heartbeat abortion" [4], meaning that driving your friend Rebeca to a clinic can land you in a lawsuit for at least $10k by people who do this as their day job.
Even if you're not sued, remember that companies have been reliably predicting whether you're pregnant for at least 10 years [5] and using it to influence your behavior in their favor. This one may be the one with the "least bad" consequences but, paradoxically, the one that better drives home the point since nothing here is criminal.
[2] https://www.vice.com/en/article/pkbxp8/grindr-location-data-...
[3] https://www.vice.com/en/article/m7vzjb/location-data-abortio...
[4] https://www.cbsnews.com/news/texas-abortion-law-bounty-hunte...