Probably done by Cloudflare. While they don't specifically mention Let's Encrypt, it's probably likely they're using LE for this:
See also:
and
My advice?
Ask Cloudflare, ask if they did this and if they did, complain about the lack of communication about this.