Do you have any other source than a generic warning about malicious data export requests? Otherwise your take seems like fearmongering to me.