Ottobre 2013 rischio nella protezione e sicurezza di dati privati

This page is a translated version of the page October 2013 private data security issue and the translation is 44% complete.

Outdated translations are marked like this.

Il primo ottobre 2013 siamo venuti a conoscenza di un errore di implementazione che rende alcune informazioni private (specificatamente indirizzi email degli utenti, password, token di sessione, e data e ora dei login), di circa 37.000 utenti di progetti di Wikimedia, accessibili dai volontari con account all'infrastruttura "LabsDB" di Wikimedia.

La struttura LabsDB inaugurata nel maggio 2013 è progettata per fornire ai volontari la possibilità di generare report che permettano l'utilizzo dei nostri database in tempo reale. Questo supporta l'innovazione di tipo bottom-up da parte della comunità di Wikimedia. Come parte di questo processo, i dati privati vengono automaticamente inseriti prima che i volontari abbiano accesso agli stessi. Sfortunatamente per alcune wiki di Wikimedia ^[1], i processi del database utilizzati per inserire i dati hanno fallito a causa di una incompatibilità nello schema, e alcuni utenti del LabsDB hanno avuto accesso ai dati privati di alcuni utenti nei database delle wiki specificate in nota. Fino al 1 ottobre 1. 228 utenti hanno avuto accesso al LabsDB e la finestra di visibilità di questi dati è durata dal 29 maggio 2013 fino al 1 ottobre 2013

This issue was discovered and reported by a trusted volunteer, and access to the data in question was revoked within 15 minutes of the report. We have no evidence to suggest that the private data in question was exported in bulk or used for malicious purposes, but we cannot definitively exclude the possibility. As a precautionary measure, we have invalidated all affected user sessions, and are requiring affected users to change their password on their next login.

We have also sent an email notification to affected users with a confirmed email address.

We regret this mistake. LabsDB is still a new part of our infrastructure, and we will fully audit the redaction process, so as to minimize any risk of a future mistake of this nature.

Sincerely,
Erik Moeller
Vice President of Engineering & Product Development

↑ Lista dei database coinvolti: aswikisource bewikisource dewikivoyage elwikivoyage enwikivoyage eswikivoyage frwikivoyage guwikisource hewikivoyage itwikivoyage kowikiversity lezwiki loginwiki minwiki nlwikivoyage plwikivoyage ptwikivoyage rowikivoyage ruwikivoyage sawikiquote slwikiversity svwikivoyage testwikidatawiki tyvwiki ukwikivoyage vecwiktionary votewiki wikidatawiki wikimania2013wiki wikimania2014wiki

Informazioni di contatto

Se hai domande da fare per favore contattaci tramite:

accountsecuritywikimedia.org

Puoi anche rivolgerti alla Wikimedia Foundation tramite

Wikimedia Foundation, Inc.
149 New Montgomery Street
Floor 6
San Francisco, CA 94105
United States
Telefono: +1-415-839-6885
Fax: +1-415-882-0495

Domande e Risposte

Cosa è successo?

On October 1, 2013, we learned about a configuration error in one of our databases that made specific private user information for approximately 40,000 Wikimedia project users accessible to volunteers with access to the Wikimedia “LabsDB” infrastructure.

Cos'è LabsDB?

LabsDB, launched in May 2013, is designed to give volunteers the ability to write tools and generate reports that make use of data from our databases in real-time. This supports bottom-up innovation by the Wikimedia community.

Who discovered the issue?

This was discovered and reported by a trusted volunteer, and access to the data in question was revoked within minutes of the report.

La segnalazione del bug si trova qui.

What kind of information was available to LabsDB users?

There were four types of user information that were potentially available: user email addresses, password hashes, session identifiers (used to keep you logged in), last log-in timestamp.

Note that password hashes do not reveal passwords in cleartext; if any third party successfully obtained a copy of the hashes, they would need to mount a brute force attack in order to obtain valid passwords from the hashes, which is most likely to be successful in the case of very simple, insecure passwords. The passwords were hashed using the MD5 algorithm with a salt.

This configuration error did not affect any donor data, and no other private data was available.

Per quanto tempo sono state disponibili quelle informazioni?

The window of availability of this data was May 29, 2013 to October 1, 2013.

Why did it take so long to discover the configuration error?

Only a subset of our public wikis was affected by the redaction issue, and only a subset of private data was accessible. The redaction mechanism was tested and appeared to be working as intended, but a set of new wikis that were added with a small difference in their database schema caused the process to partially fail without notice, until a volunteer pointed out the discovery of the issue.

Chi avrebbe avuto accesso a quelle informazioni?

Users of LabsDB would have potentially been able to access this user information, but we have no evidence to suggest that anyone did.

Al 1º ottobre, 228 utenti hanno accesso a LabsDB.

Che tipi di protocolli di sicurezza avete per evitare la disponibilità dei dati utente?

As part of this process, private data is automatically redacted before volunteers are given access to the data. Unfortunately, for some of Wikimedia's wikis, the database triggers used to redact private data failed to take effect, and LabsDB users had access to private user data present for some users in these specific wiki databases.

Qualcuno ha avuto accesso a informazioni personali?

We have no indication that any third party actually accessed this information, only that it was potentially accessible to a LabsDB account holder. To the limited extent we're able, we have looked for such evidence but found no evidence to suggest that the private data in question was exported in bulk or used for malicious purposes, but we cannot definitively exclude the possibility.

Quali erano i database coinvolti?

aswikisource
bewikisource
dewikivoyage
elwikivoyage
enwikivoyage
eswikivoyage
frwikivoyage
guwikisource
hewikivoyage
itwikivoyage
kowikiversity
lezwiki
loginwiki
minwiki
nlwikivoyage
plwikivoyage
ptwikivoyage
rowikivoyage
ruwikivoyage
sawikiquote
slwikiversity
svwikivoyage
testwikidatawiki
tyvwiki
ukwikivoyage
vecwiktionary
votewiki
wikidatawiki
wikimania2013wiki
wikimania2014wiki

What have you done to remedy the configuration error?

Access to the data in question was revoked within 15 minutes of the report. As a precautionary measure, we have invalidated all affected user sessions, and are requiring affected users to change their password on their next login. We have also sent an email notification to affected users with a confirmed email address.

We will also fully audit the redaction process to minimize any risk of a future mistake of this nature.

Uso la stessa password anche su altri siti, dovrei cambiarla anche lì?

While only password hashes were potentially exposed to third parties, those are vulnerable to certain forms of brute force attacks that could recover passwords (especially if the password isn't particularly strong). We recommend that you change your password on any other site where it was used – ideally to a different one than you use on Wikimedia projects.

[1] Lista dei database coinvolti: aswikisource bewikisource dewikivoyage elwikivoyage enwikivoyage eswikivoyage frwikivoyage guwikisource hewikivoyage itwikivoyage kowikiversity lezwiki loginwiki minwiki nlwikivoyage plwikivoyage ptwikivoyage rowikivoyage ruwikivoyage sawikiquote slwikiversity svwikivoyage testwikidatawiki tyvwiki ukwikivoyage vecwiktionary votewiki wikidatawiki wikimania2013wiki wikimania2014wiki

[1]