I noticed recently after creating a topic which had a lot of activity that the email notifications which I received included the real names of the users who had replied in the thread.
This is a very fundamental forum mis-configuration which affects users’ privacy in a way they will not be expecting and needs to be resolved. By simply subscribing to all topics, a rogue user could quickly harvest the real names of many users.
The proper fix is for the site admin to amend the email notification template to include ‘username’ rather than ‘name’.
Meanwhile, I would recommend any users who do not want their real names disclosed to edit their profile and make ‘name’ the same as ‘username’.