
Jon

2 years ago - Announcements

Just a transparency announcement about last night. Last night someone claimed to have done a hack. Due to it happening late at night and us not having round the clock staff, we opted to just shut some services off until morning while we looked into things. This is why Juxt was offline until now. I've seen some people think this person did it, no it was me.

To be crystal clear: This was not a real "hack". No databases were breached, no user data was taken or even seen, nothing like that. The only thing the person was able to do is very basic operations, such as changing a user's access level between standard, banned, tester, etc, and making Juxt communities and such. Just someone mucking about. All relevant changes the user made have already been reverted (with one exception I will touch on). The panel the user had access to did not expose user data (it's a very basic, crappy, panel), and was only able to access it due to a single line incorrect permissions check. The databases where user data is stored were not accessed at all, and cannot be unless the connection is coming from an authorized user on a whitelisted IP (of which there are only 2).

What we believe to have been the root cause was found later last night, and deployed this afternoon after some testing. All services are back online as of the writing of this message. To be clear, if the issue is not what we believe it was then we will again shut off relevant services and go back into a maintenance mode.

As mentioned, all relevant changes this person made (of which there were few, could count them on your hands) have been reverted besides one. Some users may have been given tester access, but the number of people affected is incredibly small and we have decided ¯\_(ツ)_/¯ about it. Those who got it can keep it for now. We have plans to sunset the Patreon soon, in favor of our own payment system which we have been using for quite some time now, and once that happens users with tester access without using the new system will have the status removed at the end of the month of the sunset (with the exception of a few testers). So those who may have gotten tester last night will lose it when that happens anyway.

Additionally, since this seemed to have spooked quite a few of you, we have decided to keep the beta going until at least the end of February. Just as a way to apologize for the scare. I'm also currently in the middle of moving, so I wasn't going to close the beta right away anyway, waiting until I was done moving in a few days/a week. I planned to announce the continuation of the beta regardless, so this worked out. We typically hold a beta in February as well to celebrate our anniversary, so it will just stay open until then.

And finally, we overall see this as a net positive. Nothing REALLY happened, it was overall very inconsequential. So there was no real loss here, for anyone. But it did spur us internally to discuss some better security standards moving forward, which has led to several new ideas and projects on the drawing board. So overall, we lost nothing and gained some new ideas. We see this as a net positive.
