that's correct. and we're very sorry this happened. we couldn't filter all requests and reset emails have been requested.
that email can be ignored and for additional security we now also enforce login with an one time token.
Login to reply
Replies (2)
It's definitely unpleasant that it happened. But one must be careful on the internet. I personally, using tools to check for data leaks, have seen emails leaked from other much bigger companies and software. That's why personal culture regarding cybersecurity is an important thing. I'm also 99% sure that a large part of these emails have already been leaked somewhere else. That's why it's good to use email masking services.
The transparency is a good start, but you haven't covered the case where a) an unique email address was used that only Alby had and b) wasn't used as lightning address visible anywhere publicly