As I read it they accidentally routed some data to China based servers for a month (Feb 2020) due to a config mess up during their crazy fast scaling period. This is since fixed.
They were making requests to IPs in China long before Feb 2020. At the time I assumed they’d been hacked, but in retrospect it seems like this was just how their organisation is distributed.
Needless to say, I have decided not to endorse their videoconferencing solution.
I'm inclined to believe that for now. Though I fully expect that a bunch of security researchers will be taking a very close look indeed at exactly what data is still going to or through China. I am open to changing my mind upon seeing evidence that, after being informed of the problem and promising to correct it, they failed to resolve the issue and continue to send data to any country it doesn't need to go to.
Needless to say, I have decided not to endorse their videoconferencing solution.