I thought this might be of interest to other users as well as admins.

  • money_loo
    link
    fedilink
    English
    arrow-up
    13
    ·
    1 year ago

    Unfortunately, at the time of the raid, our admin was troubleshooting an issue and working with a backup copy of the Kolektiva.social database. This backup, dated from the first week of May 2023, was in an unencrypted state when the raid occurred and it was seized, along with everything else.

    The database is the heart of a Mastodon server. A database copy such as the one seized may include any of the following user data, in this case up to date as of early May 2023:

    – User account information like the e-mail address associated with your account, your followers and follows, etc. – All your posts: public, unlisted, followers-only, and direct (“DMs”). – Possibly IP addresses associated with your account – IP addresses on Kolektiva.social are logged for 3 days and then deleted, so IP addresses from any logins in the 3 days prior to the database backup date would be included. – A hashed (“encrypted”) version of your password.

    In case you thought you were safer doing any illegal stuff here, yikes.