@Background Pony #B1FE
I have identified the source of the information and it was resolved to never occur again.
Update (2025-01-15):
To be clear - this was entirely our (Derpibooru’s) fault. To make it simpler for Tantabus staff to import comments, we have provided Tantabus with a data export for the purposes of their import. Said data export accidentally contained data it should not have (not taking anonymous flag on the comments into account), due to a Derpibooru sysadmin’s mistake. Tantabus staff had no knowledge of that fact. As soon as this was discovered, we have asked Tantabus to delete said data, which was done 6 minutes after our request. We will be asking Tantabus staff to rely on our public database dump, which strictly contains publicly-accessible information, going forward.
After thorough investigation, we have determined that no other private data was contained in the data export we have provided. To our knowledge, the situation was discovered and resolved in a timely enough manner, so we have no reason to believe that it has been used by any third parties, or that any risk or damages have occurred.
To prevent any future incidents, we have implemented new internal policies regarding data usage by our systems administrators, and reviewed the persons who have access to the data. We will also be considering implementing changes to Philomena database structure to make it impossible for a mistake like that to occur again.