The CyberSignal
Data Leak

Notion Public Pages Leak Collaborators’ Emails and Profile Pictures

Nicholas Robert

25 Apr 2026 — 3 min read

Notion pages published to the web may be silently leaking collaborators' email addresses and profile photos, exposing thousands of users and organizations to potential phishing and social-engineering attacks.

SAN FRANCISCO, CA — A design-driven privacy vulnerability in Notion's "Publish to web" feature is currently exposing the personally identifiable information (PII) of anyone who has edited a public page. Security researchers have confirmed that by simply inspecting a public Notion site, an attacker can extract the full names, email addresses, and profile pictures of every contributor, even if those details are not visible on the rendered page.

Unlike a traditional data breach caused by a software bug or a malicious intrusion, this exposure is tied to the fundamental way Notion handles collaborator metadata. It represents a significant "privacy-engineering fail" for a platform that has become the central knowledge base for thousands of startups, freelancers, and global enterprises.

Notion Metadata Exposure Profile

  Metric                 Detail
  Exposure Type          PII Leak (Names, Emails, Photos) via Public Metadata
  Vulnerability Vector   Unauthenticated API Access to syncRecordValuesMain
  Scope                  Any Notion page with "Publish to web" enabled
  Status                 Confirmed Design Issue; Patch/Masking in development

The Technical Mechanism: Metadata as a Side-Channel

The leak stems from how Notion's API shares block permissions and editor history to maintain the app's collaborative features. When a page is made public, Notion's internal structures still include the Universally Unique Identifiers (UUIDs) of the editors.

Attackers can automate the following workflow to harvest data at scale:

  1. UUID Extraction: Scrape the source code of any public notion.site or custom domain page to find editor IDs.
  2. API Query: Send an unauthenticated POST request to a Notion API endpoint, such as /api/v3/syncRecordValuesMain.
  3. PII Retrieval: Because the endpoint does not require a cookie or login token for public blocks, it returns a JSON response containing the user's registered name, email address, and profile image URL.

The "Silent Privacy Bomb" for Organizations

For organizations using Notion for public documentation, help centers, or hiring boards, the impact is widespread. An internal wiki page that was "published to web" for transparency might unintentionally leak the entire roster of an engineering or HR team to a scraper.

Researchers warn that this data is highly "actionable" for threat actors. Having a verified list of employee emails paired with their real profile pictures allows for high-fidelity spear-phishing and business email compromise (BEC) attacks. A phisher could, for example, contact a junior employee using the name and photo of an executive they confirmed as a Notion collaborator, creating an immediate — and false — sense of trust.

This incident fits into the broader "collaboration-tool privacy wars," where the ease of sharing and collaboration often comes at the direct expense of default privacy.

Notion's Response and Planned Fixes

Notion has acknowledged that the current behavior is unacceptable and has stated it is actively working on a remedy. The company is reportedly exploring two primary solutions:

  • API Stripping: Removing PII from public-facing API responses so that only the "public" content is served to unauthenticated requests.
  • Email Masking: Implementing a masking system (e.g., j***@company.com) similar to the system used by GitHub to protect contributor identities in public repositories.
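The two remedies above (strip PII from unauthenticated responses, or mask the email GitHub-style) can be expressed as one server-side filter. The following is an added example written for this article, not Notion's code; the record shape and the field names (recordMap, notion_user, email, profile_photo) are assumptions used for illustration.

```python
from __future__ import annotations

import copy
from typing import Any

# Constructed sample record, shaped loosely like a user record inside a
# record-lookup response. The layout is an assumption, not Notion's schema.
SAMPLE_RESPONSE: dict[str, Any] = {
    "recordMap": {
        "notion_user": {
            "11111111-2222-3333-4444-555555555555": {
                "value": {
                    "id": "11111111-2222-3333-4444-555555555555",
                    "name": "Jane Doe",
                    "email": "jane.doe@company.com",
                    "profile_photo": "https://example.invalid/jane.png",
                }
            }
        }
    }
}

# Fields that should never reach an unauthenticated caller.
PII_FIELDS = ("email", "profile_photo")


def mask_email(email: str) -> str:
    """GitHub-style masking: keep the first character and the domain."""
    local, at, domain = email.partition("@")
    if not at or not local:
        return "***"
    return f"{local[0]}***@{domain}"


def sanitize_for_public(response: dict[str, Any], authenticated: bool,
                        policy: str = "strip") -> dict[str, Any]:
    """Return a copy that is safe to serve to the caller.

    Authenticated collaborators keep the full record. Anonymous callers get
    the PII removed ("strip") or the email masked and the photo dropped ("mask").
    """
    if authenticated:
        return response
    if policy not in ("strip", "mask"):
        raise ValueError(f"unknown policy {policy!r}")
    cleaned = copy.deepcopy(response)  # never mutate the cached original
    for record in cleaned.get("recordMap", {}).get("notion_user", {}).values():
        value = record.get("value", {})
        if policy == "mask" and "email" in value:
            value["email"] = mask_email(value["email"])
            value.pop("profile_photo", None)
        else:
            for field in PII_FIELDS:
                value.pop(field, None)
    return cleaned
```

Wiring the filter in at the response boundary, keyed on whether the request carries a valid session, is what "privacy by default" means in practice for an endpoint like this.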

Until a formal fix is deployed, the "Publish to web" toggle remains a high-risk feature for any page containing sensitive collaborator history.

Mitigation Steps for Users and Admins

  1. Audit Public Pages: Use Notion's "Settings & Members" to review all pages currently published to the web.
  2. Anonymize Edits: If a page must be public, consider copying the content onto a fresh page created by a single, generic account (e.g., webmaster@company.com) so that the editor metadata lists only that account.
  3. Disable Direct Publishing: Admins on Enterprise plans should consider restricting the "Publish to web" permission to a small group of trained users.



The CyberSignal Analysis: Strategic Signals

Signal 01 — The Usability vs. Privacy Paradox

Notion's growth is built on "frictionless" sharing. This leak proves that when publishing is made too easy, the underlying metadata — essential for internal collaboration — often gets dragged into the public square by accident. Product teams must move toward "privacy-by-default" where public exports are stripped of all editor history by default.

Signal 02 — Metadata Scrapers are the New Recon

Traditional reconnaissance involved searching LinkedIn or company About pages. This exploit shows that SaaS metadata is now a primary recon vector. Automated tools can now build organizational charts simply by crawling a company's public documentation.

Signal 03 — The Need for Notion-Specific Governance

Enterprises can no longer treat Notion as "just a doc." It requires a formal privacy policy. Companies should consider using dedicated "Public Publisher" accounts or anonymized email aliases for staff tasked with maintaining public-facing wikis.


Sources

  Type        Source
  Reporting   Escudo Digital: Notion Public Page Exposure
  Technical   Cyberpress: Profile Photo & Email Leak Analysis
  Community   Hacker News: Metadata Leak Discussion Thread
