Matrix GDPR access request data overshare
edk on 2019-08-11Hi all,
You may already be aware that in the process of servicing a request for personal information under the GDPR, Matrix.org provided a user with a data dump that mistakenly included events that user had not been a party to. We suggest reading Matrix.org's writeup for more details.
On the morning of 2019-08-04 UTC we were notified by the recipient of the dump that the errant data included messages from freenode users and, in a spirit of transparency, felt it was important to keep you informed of any potential security issue concerning you.
We have reached out to Matrix.org's team in order to understand the impact of the issue, and they have assured us that all of these messages were to public channels whose administrations chose to make their histories publicly available.
If you have any questions, feel free to either track down a staffer in PM or email policy@freenode.net.
Thanks for using freenode.