On 4 May 2018 at 01:27, John Bennett <jbenn...@wikimedia.org> wrote:
> Hello,
>
> Many of you may have been receiving emails in the last 24 hours warning you
> of "Multiple failed attempts to log in" with your account. I wanted to let
> you know that the Wikimedia Foundation's Security team is aware of the
> situation, and working with others in the organization on steps to decrease
> the success of attacks like these.
>
> The exact source is not yet known, but it is not originating from our
> systems. That means it is an external effort to gain unauthorized access to
> random accounts. These types of efforts are increasingly common for
> websites of our reach. A vast majority of these attempts have been
> unsuccessful, and we are reaching out personally to the small number of
> accounts which we believe have been compromised.
>
> While we are constantly looking at improvements to our security systems and
> processes to offset the impact of malicious efforts such as these, the best
> method of prevention continues to be the steps each of you take to
> safeguard your accounts. Because of this, we have taken steps in the past
> to support things like stronger password requirements,[1] and we continue
> to encourage everyone to take some routine steps to maintain a secure
> computer and account. That includes regularly changing your passwords,[2]
> actively running antivirus software on your systems, and keeping your
> system software up to date.
>
> My team will continue to investigate this incident, and report back if we
> notice any concerning changes. If you have any questions, please contact
> the Support and Safety team (susa@wikimedia.org).
>
> John Bennett
> Director of Security, Wikimedia Foundation
>
> [1] https://meta.wikimedia.org/wiki/Password_strength_requirements
> [2] https://meta.wikimedia.org/wiki/Special:ChangePassword
> _______________________________________________
> Wikimedia-l mailing list, guidelines at: 
> https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and 
> https://meta.wikimedia.org/wiki/Wikimedia-l
> New messages to: Wikimedia-l@lists.wikimedia.org
> Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 
> <mailto:wikimedia-l-requ...@lists.wikimedia.org?subject=unsubscribe>

Thanks for the update.

Could you please follow up with a public report about the incident and the
analysis? There is plenty of data available in the public domain, and
an awful lot of users have been affected; there seems no special
reason to keep the basic analysis a secret even if some
behind-the-scenes changes might need to remain unpublished. I have
raised this as a Phabricator ticket as a prompt.[1]

By the way, the Wikimedia user community is still waiting for the
promised report on the OurMine hack of 11th November 2016. Could you
get on with it please? Leaving users hanging for more than a year for
analysis to get published is not a good look for the WMF; it leaves us
wondering if this type of standard analysis gets done properly or
not.[2]

Links
1. https://phabricator.wikimedia.org/T193846 Publish analysis of
sustained login attack of 3 May 2018
2. https://phabricator.wikimedia.org/T150605 Publish an analysis of
the OurMine hack

Thanks
Fae
-- 
fae...@gmail.com https://commons.wikimedia.org/wiki/User:Fae
