Good to know it was so few people. Thanks for your diligence as always. On Thu, Jun 25, 2020 at 10:57 PM Tim Starling <[email protected]> wrote:
> On 26/6/20 3:26 pm, Steven Walling wrote: > > Thanks Tim, > > > > 1. Does “saw the site” mean users actually had full or partial access to > > the accounts of other users, or simply were viewing a cached version of > the > > site that appeared as if they were logged in as someone else? > > Users reportedly had full access to the accounts of other users. > > > How many users were impacted? > > We had three reports. We've added logging which should help to > determine whether anyone else was affected. So far, the indications > are that it is an extremely rare event. > > > 2. Does the WMF hold incident review meetings and publish reports about > > what steps are taken to prevent repeat incidents with the same root > cause? > > Incidents are documented at > <https://wikitech.wikimedia.org/wiki/Incident_documentation> > > Action items are tagged with the Incident Prevention tag in Phabricator: > <https://phabricator.wikimedia.org/project/view/4758/> > > Whether there is an incident review meeting depends on the nature of > the incident. > > -- Tim Starling > > > _______________________________________________ > Wikitech-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/wikitech-l _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
