Please note that it is especially important to change your passwords on the Wikimania wikis where you have accounts. These are non-SUL wikis and changing your SUL password will not effect a change on the Wikimania 2013 and 2014 wikis. Even if you never intend to edit those wikis again, your password and account could still hypothetically be compromised.
I agree with others that the risk is very, very small; nonetheless, it is not non-existent. Risker/Anne On 3 October 2013 05:36, Orsolya Gyenes <[email protected]>wrote: > Yeah, I already gotten my mail... great... :( > > *~Orsolya* > > > 2013/10/3 Katie Chan <[email protected]> > >> FYI, especially since wikimania2013 & wikimania2014 are two of the >> affected wikis. >> >> ---------- Forwarded message ---------- >> From: Erik Moeller <[email protected]> >> Date: 3 October 2013 06:56 >> Subject: [Wikimedia-l] Notification about Wikimedia user account security >> issue >> To: Wikimedia Mailing List <[email protected]> >> >> >> See also: >> https://meta.wikimedia.org/wiki/October_2013_private_data_security_issue >> >> On October 1, 2013, we learned about an implementation error that made >> private user information (specifically, user email addresses, password >> hashes, session tokens, and last login timestamp) for approximately >> 37,000 Wikimedia project users accessible to volunteers with access to >> the Wikimedia "LabsDB" infrastructure. >> >> LabsDB, launched in May 2013, is designed to give volunteers the >> ability to write tools and generate reports that make use of data from >> our databases in real-time. This supports bottom-up innovation by the >> Wikimedia community. As part of this process, private data is >> automatically redacted before volunteers are given access to the data. >> Unfortunately, for some of Wikimedia’s wikis[1], the database triggers >> used to redact private data failed to take effect due to a schema >> incompatibility, and LabsDB users had access to private user data for >> some user accounts in these specific wiki databases. As of October 1, >> 228 users have access to LabsDB, and the window of availability of >> this data was May 29, 2013 to October 1, 2013. >> >> This issue was discovered and reported by a trusted volunteer, and >> access to the data in question was revoked within 15 minutes of the >> report. We have no evidence to suggest that the private data in >> question was exported in bulk or used for malicious purposes, but we >> cannot definitively exclude the possibility. As a precautionary >> measure, we have invalidated all affected user sessions, and are >> requiring affected users to change their password on their next login. >> >> We have also sent an email notification to affected users with a >> confirmed email address. >> >> We regret this mistake. LabsDB is still a new part of our >> infrastructure, and we will fully audit the redaction process, so as >> to minimize any risk of a future mistake of this nature. >> >> Sincerely, >> Erik Moeller >> Vice President of Engineering & Product Development >> >> Contact information >> >> Should you have any questions, please contact us via email to: >> >> [email protected] >> >> You can also reach the Wikimedia Foundation at: >> >> Wikimedia Foundation, Inc. >> 149 New Montgomery Street >> Floor 6 >> San Francisco, CA 94105 >> United States >> Phone: +1-415-839-6885 >> Fax: +1-415-882-0495 >> >> [1] List of affected databases: aswikisource bewikisource dewikivoyage >> elwikivoyage enwikivoyage eswikivoyage frwikivoyage guwikisource >> hewikivoyage itwikivoyage kowikiversity lezwiki loginwiki minwiki >> nlwikivoyage plwikivoyage ptwikivoyage rowikivoyage ruwikivoyage >> sawikiquote slwikiversity svwikivoyage testwikidatawiki tyvwiki >> ukwikivoyage vecwiktionary votewiki wikidatawiki wikimania2013wiki >> wikimania2014wiki >> >> >> -- >> Erik Möller >> VP of Engineering and Product Development, Wikimedia Foundation >> >> _______________________________________________ >> Wikimedia-l mailing list >> [email protected] >> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, >> <mailto:[email protected]?subject=unsubscribe> >> >> >> >> -- >> Katie Chan >> Volunteer Support Organiser >> Wikimedia UK >> +44 (0) 20 7065 0990 >> +44 (0) 7885 980 534 >> >> Wikimedia UK is a Charitable Company registered in England and Wales. >> Registered Company No. 6741827. Registered Charity No.1144513. >> Registered Office: 4th Floor, Development House, 56-64 Leonard Street, >> London EC2A 4LT. United Kingdom. >> Wikimedia UK is the UK chapter of a global Wikimedia movement. The >> Wikimedia projects are run by the Wikimedia Foundation (who operate >> Wikipedia, amongst other projects). >> >> Wikimedia UK is an independent non-profit charity with no legal control >> over Wikipedia nor responsibility for its contents. >> >> >> _______________________________________________ >> Wikimania-l mailing list >> [email protected] >> https://lists.wikimedia.org/mailman/listinfo/wikimania-l >> >> > > _______________________________________________ > Wikimania-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/wikimania-l > >
_______________________________________________ Wikimania-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikimania-l
