Access to emails is one thing. Access to the internal public banter and coordination of work hardly strikes me as worrying based on all the discussions I've seen at my current place of work and past places of work. Any information sensitive enough to keep from your significant other is probably too sensitive for a shared internal conversation system available to all employees. Yeah, there's stuff that you wouldn't want your competitors to know, but for most everyone else with no skin in the business/industry is fairly irrelevant information.
HuBot let's githubbers deploy code to production, amongst lots of other things. In other words, access to internal chat is a much bigger deal at GitHub than it is at your workplace.
I would certainly hope that you can only tell hubot to do something like that if you have the correct permissions. Hubot should not be accepting deploy code commands from anyone except those with the sufficient privileges. If that isn't the case, that needs to be fixed asap.
