I thought this might be of interest to other users as well as admins.

  • Unfortunately, at the time of the raid, our admin was troubleshooting an issue and working with a backup copy of the Kolektiva.social database. This backup, dated from the first week of May 2023, was in an unencrypted state when the raid occurred and it was seized, along with everything else.

    The database is the heart of a Mastodon server. A database copy such as the one seized may include any of the following user data, in this case up to date as of early May 2023:

    – User account information like the e-mail address associated with your account, your followers and follows, etc. – All your posts: public, unlisted, followers-only, and direct (“DMs”). – Possibly IP addresses associated with your account – IP addresses on Kolektiva.social are logged for 3 days and then deleted, so IP addresses from any logins in the 3 days prior to the database backup date would be included. – A hashed (“encrypted”) version of your password.

    In case you thought you were safer doing any illegal stuff here, yikes.