This is Why Codeberg Issues an Apology Today
A very short while ago Codeberg mass-mailed an apology and published an understandable blog post, authored by the "Codeberg public relations team". We weren't going to comment on this or to give airspace to SPAM. Now that an apology is available we thought we'd just clarify what happened when obscuring some words. We also give credit to Codeberg for transparency, firm response, and good communication.
We got targeted; my wife was one of the 'lucky' recipients (I was not; I too have an account there). She got this message:
The N word is the 6-letter one, not the 4-letter one.
Less than an hour ago Codeberg had already blogged about it and then mailed the people affected:
Dear users,
earlier today, you might have received a notification email from our systems that contained abusive and offending content, and we apologize for the disturbing message.
Please understand that no data from our platform was leaked. The emails were generated from our servers due to the notification s ettings of your user account, which is set to generate a notification whenever someone mentions your username in a conversation. The abuser had no access to your email address and was only using public information from our platform to abuse the notification feature.
We have published a more detailed statement and explanations about the incident on our blog: https://blog.codeberg.org/we-stay-strong-against-hate-and-hatred.html
Thank you for your understanding and stay safe. We are currently working to prevent similar incidents from happening again.
Kind Regards Your team from Codeberg e.V.
We are sending this email to you, because our mail server logs indicate you have received a notification email from us in the timespan of the attack. If you requested us to delete your userdata on Codeberg today, this message will not interrupt this process. Our mail server logs will be removed entirely in accordance with our privacy policy after necessary investigation finishes and 6 days have passed.
--- Codeberg e.V. \u2013 Arminiusstraße 2-4 \u2013 10551 Berlin \u2013 Germany Registered at registration court Amtsgericht Charlottenburg VR36929.
This response was clear and relatively swift.
Codeberg is in some ways connected to the German government (and thus EU, by extension), so it's important for it to set the record straight. This is what it said: "Codeberg is currently suffering from hate campaigns due to far-right forces, and so are our users. First and foremost, we apologize for everyone who has recently received a notification email from our system containing offending and potentially traumatizing content. We are working hard on containing the effects on our users and systems. Most importantly, your private data was not leaked. All emails have been generated through Codeberg's servers using the notification feature and the abusers had no access to your email address directly. Fighting hate and far-right forces is important to us. Read to the end of this article to learn why." █
