Yeah the ‘happened to have a bunch of unencrypted data laying around’ bit seems odd. Would make sense if they got picked up for something else and that was the bargain. Fucked if I know though
Not really? If you’re trying to debug something, or if you’re gearing up for an upgrade (like the Mastodon upgrade this week that’s giving a lot of admins grief) it’s plausible to have one of your backups locally to mess around with. As an example of this principle, I run Part-DB-server to manage my workshop inventory. For various reasons I migrated from a hosted MySQL database to a local SQLite database, and I’m in the process of moving back to the MySQL database. To facilitate this I have a copy of the SQLite database that, as needed, I run SELECTs on to backfill details on entries. I have a local copy of that database on my laptop, in other words.
It’s also plausible that the kolektiva.social admin was mocking up a clone of the service on their laptop to test something.
Without more data (gentlebeings, start your FOIA requests) I’m not sure that it’s a good idea to speculate. We might learn something that we can use later.