Data Leak

Notion Public Pages Leak Collaborators’ Emails and Profile Pictures

Nicholas Robert

25 Apr 2026 — 3 min read

Notion pages published to the web may be silently leaking collaborators' email addresses and profile photos, exposing thousands of users and organizations to potential phishing and social-engineering attacks.

SAN FRANCISCO, CA — A design-driven privacy vulnerability in Notion's "Publish to web" feature is currently exposing the personally identifiable information (PII) of anyone who has edited a public page. Security researchers have confirmed that by simply inspecting a public Notion site, an attacker can extract the full names, email addresses, and profile pictures of every contributor, even if those details are not visible on the rendered page.

Unlike a traditional data breach caused by a software bug or a malicious intrusion, this exposure is tied to the fundamental way Notion handles collaborator metadata. It represents a significant "privacy-engineering fail" for a platform that has become the central knowledge base for thousands of startups, freelancers, and global enterprises.

Notion Metadata Exposure Profile

  Metric                  Detail
  Exposure Type           PII Leak (Names, Emails, Photos) via Public Metadata
  Vulnerability Vector    Unauthenticated API Access to syncRecordValuesMain
  Scope                   Any Notion page with "Publish to web" enabled
  Status                  Confirmed Design Issue; Patch/Masking in development

The Technical Mechanism: Metadata as a Side-Channel

The leak stems from how Notion's API shares block permissions and editor history to maintain the app's collaborative features. When a page is made public, Notion's internal structures still include the Universally Unique Identifiers (UUIDs) of the editors.

Attackers can automate the following workflow to harvest data at scale:

  1. UUID Extraction: Scrape the source code of any public notion.site or custom domain page to find editor IDs.
  2. API Query: Send an unauthenticated POST request to a Notion API endpoint, such as /api/v3/syncRecordValuesMain.
  3. PII Retrieval: Because the endpoint does not require a cookie or login token for public blocks, it returns a JSON response containing the user's registered name, email address, and profile image URL.

The "Silent Privacy Bomb" for Organizations

For organizations using Notion for public documentation, help centers, or hiring boards, the impact is widespread. An internal wiki page that was "published to web" for transparency might unintentionally leak the entire roster of an engineering or HR team to a scraper.

Researchers warn that this data is highly "actionable" for threat actors. Having a verified list of employee emails paired with their real profile pictures allows for high-fidelity spear-phishing and business email compromise (BEC) attacks. A phisher could, for example, contact a junior employee using the name and photo of an executive they confirmed as a Notion collaborator, creating an immediate — and false — sense of trust.

This incident fits into the broader "collaboration-tool privacy wars," where the ease of sharing and collaboration often comes at the direct expense of default privacy.

Notion's Response and Planned Fixes

Notion has acknowledged that the current behavior is unacceptable and has stated it is actively working on a remedy. The company is reportedly exploring two primary solutions:

  • API Stripping: Removing PII from public-facing API responses so that only the "public" content is served to unauthenticated requests.
  • Email Masking: Implementing a masking system (e.g., j***@company.com) similar to the system used by GitHub to protect contributor identities in public repositories.
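The two remedies above, applied to the kind of record-values response described in the technical mechanism section, as an added illustration that is not Notion's code. The response shape, UUIDs and addresses are constructed for the example; Notion's real schema is assumed to differ.

```python
import copy

# Constructed sample shaped like a record-values style response (illustration
# only, not Notion's real schema): user records carry the PII the article
# describes, and blocks point back at their editors by UUID.
USER_ID = "11111111-2222-3333-4444-555555555555"
SAMPLE_RESPONSE = {"recordMap": {
    "notion_user": {USER_ID: {"value": {
        "id": USER_ID, "name": "Jane Doe",
        "email": "jane.doe@company.com",
        "profile_photo": "https://example.invalid/photos/jane.png",
    }}},
    "block": {"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee": {"value": {
        "id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "type": "text",
        "properties": {"title": [["Public content"]]},
        "created_by_id": USER_ID, "last_edited_by_id": USER_ID,
    }}},
}}
# Editor-history pointers that let a scraper join public blocks back to people.
EDITOR_HISTORY_FIELDS = ("created_by_id", "last_edited_by_id")

def mask_email(email: str) -> str:
    """Keep only the first character of the local part: jane.doe@company.com -> j***@company.com."""
    local, sep, domain = email.partition("@")
    if not sep or not local:
        return "***"
    return f"{local[0]}***@{domain}"

def sanitize_public_response(response: dict, mask: bool = False) -> dict:
    """Return a copy of the response that is safe to serve to unauthenticated requests.
    mask=False (API stripping): remove editor pointers from blocks and drop the
    user records entirely, so only the public block content is served.
    mask=True (email masking): keep user records but mask the email and drop
    the profile photo, the GitHub-style compromise the article mentions.
    """
    clean = copy.deepcopy(response)
    record_map = clean.get("recordMap", {})
    for block in record_map.get("block", {}).values():
        for field in EDITOR_HISTORY_FIELDS:
            block.get("value", {}).pop(field, None)
    if not mask:
        record_map.pop("notion_user", None)
        return clean
    for user in record_map.get("notion_user", {}).values():
        value = user.get("value", {})
        if "email" in value:
            value["email"] = mask_email(value["email"])
        value.pop("profile_photo", None)
    return clean
```

Stripping is the stronger fix: once blocks no longer reference editor UUIDs, the user records have no reason to be in a public response at all, and masking still leaves names exposed.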

Until a formal fix is deployed, the "Publish to web" toggle remains a high-risk feature for any page containing sensitive collaborator history.

Mitigation Steps for Users and Admins

  1. Audit Public Pages: Use Notion's "Settings & Members" to review all pages currently published to the web.
  2. Anonymize Edits: If a page must be public, consider copying its content onto a fresh page created by a single, generic account (e.g., webmaster@company.com) so that the editor metadata contains only that account.
  3. Disable Direct Publishing: Admins on Enterprise plans should consider restricting the "Publish to web" permission to a small group of trained users.


The CyberSignal Analysis: Strategic Signals

Signal 01 — The Usability vs. Privacy Paradox

Notion's growth is built on "frictionless" sharing. This leak proves that when publishing is made too easy, the underlying metadata — essential for internal collaboration — often gets dragged into the public square by accident. Product teams must move toward "privacy-by-default," where public exports are stripped of all editor history unless a publisher explicitly chooses otherwise.

Signal 02 — Metadata Scrapers are the New Recon

Traditional reconnaissance involved searching LinkedIn or company About pages. This exploit shows that SaaS metadata is now a primary recon vector. Automated tools can now build organizational charts simply by crawling a company's public documentation.

Signal 03 — The Need for Notion-Specific Governance

Enterprises can no longer treat Notion as "just a doc." It requires a formal privacy policy. Companies should consider using dedicated "Public Publisher" accounts or anonymized email aliases for staff tasked with maintaining public-facing wikis.


Sources

  Type        Source
  Reporting   Escudo Digital: Notion Public Page Exposure
  Technical   Cyberpress: Profile Photo & Email Leak Analysis
  Community   Hacker News: Metadata Leak Discussion Thread
