A brief security update from the infrastructure team
christel on 2016-12-20A freenode volunteer has identified and responded to a suspected compromise of their e-mail accounts, which could have provided an unauthorised user with limited access to some data sent via internal e-mail systems (this could include support tickets or internal communications).
Naturally, we instigated audit procedures immediately so as to ensure the security of the production network and accompanying infrastructure. The investigation is ongoing, but at this time we have no reason to believe that any other unauthorised access was gained. Nevertheless, in the interests of transparency and security for our users, we wish to notify anyone who may have been affected.
As always, we would still recommend that you ensure that you change any passwords to freenode systems, and be alert to any suspicious activity on your account. We would additionally always recommend that you not share passwords between accounts, especially those spanning multiple providers (please ensure you have a registered e-mail address before changing your password so that it can be reset!).
We will provide further updates if it becomes appropriate to do so; please rest assured that we take the security and privacy of our users very seriously, and work with industry experts and law enforcement where appropriate to investigate and respond to possible security breaches.