Notion leaks email addresses of all editors of any public page
Tiberium
350 points
126 comments
April 19, 2026
Related Discussions
Found 5 related stories in 54.5ms across 5,012 title embeddings via pgvector HNSW
- Someone at BrowserStack is leaking users' email addresses m_km · 369 pts · April 05, 2026 · 53% similar
- Tell HN: GitHub might have been leaking your webhook secrets. Check your emails. ssiddharth · 24 pts · April 14, 2026 · 45% similar
- Researchers Deanonymize Reddit and Hacker News Users at Scale hk_flying_gear · 15 pts · March 01, 2026 · 43% similar
- Profiling Hacker News users based on their comments simonw · 60 pts · March 22, 2026 · 42% similar
- Claude Code's source code has been leaked via a map file in their NPM registry treexs · 1950 pts · March 31, 2026 · 41% similar
Discussion Highlights (16 comments)
DropDead
Big companys need to start caring more security and privacy of its users and employees
amazingamazing
I've been toying around an architecture that sets things up such that the data for each user is actually stored with each user and only materialized on demand, such that many data leaks would yield little since the server doesn't actually store most of the user data. I mention this since this sorts of leaks are inevitable as long as people are fallible. I feel the correct solution is to not store user data to begin with. some problems I've identified: 1. suppose you have x users and y groups, of which require some subset of x. joining the data on demand can become expensive, O(x*y). 2. the main usefulness of such an architecture is if the data itself is stored with the user, but as group sizes y increase, a single user's data being offline makes aggregate usecases more difficult. this would lend itself to replicating the data server side, but that would defeat the purpose 3. assuming the previous two are solved, which is very difficult to say the least, how do you secure the data for the user such that someone who knows about this architecture can't just go to the clients and trivially scrape all of the data (per user)? 4. how do you allow for these features without allowing people to modify their data in ways you don't want to allow? encryption? a concrete example of this would be if HN had it so that each user had a sqlite database that stored all of the posts made per user. then, HN server would actually go and fetch the data for each of the posters to then show the regular page. presumably here if a data of a given user is inaccessible then their data would be omitted.
VladVladikoff
The tweet is only a few words, you really need an LLM to write that for you???
RomanPushkin
It has been an issue for at least 5 years. I remember one dude from HN deanonymized me around 5 years ago by looking at my notion page.
Tiberium
Apparently this is officially documented at https://www.notion.com/help/public-pages-and-web-publishing#... buried in a note: > When you publish a Notion page to the web, the webpage’s metadata may include the names, profile photos, and email addresses associated with any Notion users that have contributed to the page.
hohithere
Any self hosted solution?
georgespencer
Notion’s macOS app is some of the worst software I’ve ever used. If there is a platform design idiom, they likely break it without a second thought.
staticassertion
Isn't this very typical? Also, what is the proposal?
lioeters
Recently I checked back on Notion after a year or so of not seeing it. I was going to recommend it to someone as an example of hypertext, but I see now it calls itself an "AI workplace that works for you" and "Your AI everything app". This company means nothing now, seriously what happened.
linsomniac
Very timely. I literally ran a Claude prompt "compare and contrast Notion vs Obsidian" and flipped over to HN while it was thinking, and this comes up. Thanks HN!
e-dant
Are security vulnerabilities good marketing?
colesantiago
Transparency is a good thing?
mschoening
Hi, this is Max from Notion. First: This is documented and we also warn users when they publish a page. But, that’s not good enough! Second: We don’t like this and are looking at ways to fix this either by removing the PII from the public endpoints or by replacing it with an email proxy similar to GitHub’s equivalent functionality for public commits. P.S: Some folks here have speculated that this should be a 1 minute fix. Unfortunately that is not the case. :(
jdgiese
I love Notion and use it extremely heavily. I've also built a few integrations with Notion. I think it's a great app that uses AI very well, and they continue improving. Hopefully they fix this though! Also, their API has recently been upgraded quite a bit and now supports database views as a first class object. I have a few other small requests regarding their public API.
rvz
Why people choose these services and have zero care about security is beyond me. Tells me everything I need to know about this industry. No regard or seriousness to security at all.
skissane
I really dislike Notion. Its public API is full of bizarre arbitrary limitations, like a rich text database field can only contain max 100 “child blocks”, where each change in formatting consumes one child block-but its web UI doesn’t have this issue. Yes, I realise the undocumented private API that the web UI uses doesn’t have this issue either-but I shouldn’t have to, and I haven’t. I don’t love Confluence, but at least it doesn’t do this to me.