Re: [Wikimedia-l] Information on "Multiple failed attempts to log in" emails

-- faewik@gmail.com https://commons.wikimedia.org/wiki/User:Fae On Fri, 4 May 2018 at 10:40, Fæ faewik@gmail.com wrote: > > On 4 May 2018 at 01:27, John Bennett jbennett@wikimedia.org wrote: > > Hello, > > > > Many of you may have been receiving emails in the last 24 hours warning you > > of "Multiple failed attempts to log in" with your account. I wanted to let > > you know that the Wikimedia Foundation's Security team is aware of the > > situation, and working with others in the organization on steps to decrease > > the success of attacks like these. > > > > The exact source is not yet known, but it is not originating from our > > systems. That means it is an external effort to gain unauthorized access to > > random accounts. These types of efforts are increasingly common for > > websites of our reach. A vast majority of these attempts have been > > unsuccessful, and we are reaching out personally to the small number of > > accounts which we believe have been compromised. > > > > While we are constantly looking at improvements to our security systems and > > processes to offset the impact of malicious efforts such as these, the best > > method of prevention continues to be the steps each of you take to > > safeguard your accounts. Because of this, we have taken steps in the past > > to support things like stronger password requirements,[1] and we continue > > to encourage everyone to take some routine steps to maintain a secure > > computer and account. That includes regularly changing your passwords,[2] > > actively running antivirus software on your systems, and keeping your > > system software up to date. > > > > My team will continue to investigate this incident, and report back if we > > notice any concerning changes. If you have any questions, please contact > > the Support and Safety team (susa{{@}}wikimedia.org). > > > > John Bennett > > Director of Security, Wikimedia Foundation > > > > [1] https://meta.wikimedia.org/wiki/Password_strength_requirements > > [2] https://meta.wikimedia.org/wiki/Special:ChangePassword > > _______________________________________________ > > Wikimedia-l mailing list, guidelines at: https://meta.wikimedia.org/wiki/Mailing_lists/Guidelines and https://meta.wikimedia.org/wiki/Wikimedia-l > > New messages to: Wikimedia-l@lists.wikimedia.org > > Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, mailto:wikimedia-l-request@lists.wikimedia.org?subject=unsubscribe > > Thanks for the update. > > Could you please follow up with a public report about incident and the > analysis. There is plenty of data available in the public domain, and > an awful lot of users have been affected, there seems no special > reason to keep the basic analysis a secret even if some > behind-the-scenes changes might need to remain unpublished. I have > raised this as a Phabricator ticket as a prompt.[1] > > By the way, the Wikimedia user community is still waiting for the > promised report on the OurMine hack of 11th November 2016. Could you > get on with it please? Leaving users hanging for more than a year for > analysis to get published is not a good look for the WMF, it leaves us > wondering if this type of standard analysis gets done properly or > not.[2] > > Links > 1. https://phabricator.wikimedia.org/T193846 Publish analysis of > sustained login attack of 3 May 2018 > 2. https://phabricator.wikimedia.org/T150605 Publish an analysis of > the OurMine hack > > Thanks > Fae > -- > faewik@gmail.com https://commons.wikimedia.org/wiki/User:Fae