@forteller @thibaultamartin Let me find the writeup for that, it wasn't "hacked" per se, and an error in code specific to the french deployment


@forteller @thibaultamartin the details are on matrix.org/blog/2019/04/18/sec

It allowed someone to sign up on an instance that was set to only allow sign-ups from specific email-addresses. It did not give access to any existing accounts or communications.

as a sidenote, the Ars Technica article about this has some factual errors, the matrix.org tweet linked refers to a different incident, which was unrelated to Matrix/Synapse

Sign in to participate in the conversation

Small server part of the pixie.town infrastructure. Registration is approval-based, and will probably only accept people I know elsewhere or with good motivation.