Digging deeper into the comments it seems someone found the message was from a compromised polyfill code that was running on IA. Now the website is down from a ddos. From what I can see there's no reason to believe their servers and the data therein have been compromised.