Old Mojira accounts still use Gravatar profile picture
The bug
Accounts created before the switch to the new Jira version still use Gravatar as the profile picture host, even if they never changed their picture and used the default one. The problem with this is that Gravatar creates its links by simply hashing your e-mail address without any salt. It is even explained on their page: https://en.gravatar.com/site/implement/hash/
The problem is that you can then easily get the hash for someone's e-mail address by either inspecting the displayed page or using the Jira API, for example Get user.
Additionally, it appears that even after you have changed your profile picture, the Gravatar one still appears in the selection. I would highly appreciate it if that would not be the case, since they can collect more user data like this.
It would be great if affected users could be notified or (if they are fine with that) if their pictures could automatically be uploaded to Mojira.
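To find the accounts that would need the notification mentioned above, an administrator can audit user records for avatar URLs hosted on Gravatar. The following is an added example, not part of the original report or of Mojira's code; it assumes Gravatar's documented scheme (MD5 of the trimmed, lower-cased address), records shaped like the Jira "Get user" response with "name" and "avatarUrls" fields, and constructed sample data.

```python
import hashlib
from typing import Optional
from urllib.parse import urlparse


def gravatar_hash(email: str) -> str:
    """Unsalted MD5 of the trimmed, lower-cased address (assumed Gravatar scheme)."""
    return hashlib.md5(email.strip().lower().encode("utf-8")).hexdigest()


def exposed_hash(user: dict) -> Optional[str]:
    """Return the hash embedded in a Gravatar avatar URL, or None if not hosted there."""
    for url in user.get("avatarUrls", {}).values():
        parsed = urlparse(url)
        host = (parsed.hostname or "").lower()
        if host == "gravatar.com" or host.endswith(".gravatar.com"):
            parts = [p for p in parsed.path.split("/") if p]
            if len(parts) >= 2 and parts[0] == "avatar":
                return parts[1].lower()
    return None


def affected_accounts(users, directory):
    """users: 'Get user'-style records; directory: name -> e-mail known to the admin.

    Returns (name, exposed hash, hash matches the directory e-mail) per affected user.
    """
    report = []
    for user in users:
        h = exposed_hash(user)
        if h is None:
            continue
        email = directory.get(user["name"])
        report.append((user["name"], h, email is not None and gravatar_hash(email) == h))
    return report


# Constructed sample data: one legacy account on Gravatar, one on a local avatar.
_ALICE_HASH = gravatar_hash("alice@example.org")
SAMPLE_USERS = [
    {"name": "alice", "avatarUrls": {
        "48x48": "https://secure.gravatar.com/avatar/%s?d=mm&s=48" % _ALICE_HASH}},
    {"name": "bob", "avatarUrls": {
        "48x48": "https://jira.example.org/secure/useravatar?avatarId=10123"}},
]
SAMPLE_DIRECTORY = {"alice": " Alice@Example.org ", "bob": "bob@example.org"}

if __name__ == "__main__":
    for name, h, matches in affected_accounts(SAMPLE_USERS, SAMPLE_DIRECTORY):
        print(name, h, "matches directory e-mail" if matches else "unverified")
```

A match in the third column confirms that the publicly visible avatar URL carries a value derived only from that user's e-mail address.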