Good to know it was so few people. Thanks for your diligence as always.
On Thu, Jun 25, 2020 at 10:57 PM Tim Starling tstarling@wikimedia.org wrote:
On 26/6/20 3:26 pm, Steven Walling wrote:
Thanks Tim,
- Does “saw the site” mean users actually had full or partial access to
the accounts of other users, or simply were viewing a cached version of
the
site that appeared as if they were logged in as someone else?
Users reportedly had full access to the accounts of other users.
How many users were impacted?
We had three reports. We've added logging which should help to determine whether anyone else was affected. So far, the indications are that it is an extremely rare event.
- Does the WMF hold incident review meetings and publish reports about
what steps are taken to prevent repeat incidents with the same root
cause?
Incidents are documented at https://wikitech.wikimedia.org/wiki/Incident_documentation
Action items are tagged with the Incident Prevention tag in Phabricator: https://phabricator.wikimedia.org/project/view/4758/
Whether there is an incident review meeting depends on the nature of the incident.
-- Tim Starling
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l