Wikimedia Foundation/March 2025 discovery of account compromises/Email example
- Note: A few different emails were sent to users, depending on various factors related to their account such as recent edits. One example is shown below:
Dear [Username],
We've identified an unusual log-in to one or more of your Wikimedia project accounts. In response, we have implemented a series of immediate measures. Your Wikimedia account has been locked, terminating active sessions and preventing (temporarily) further log-ins.
You can restore access to your account by contacting the Wikimedia Foundation's Trust & Safety team at ca@wikimedia.org. Please send the email from the address associated with your account, and also include your Wikimedia username (note that usernames are case-sensitive).
We believe this unauthorized activity is likely due to your login info becoming compromised through a site unrelated to Wikimedia projects. Known as "credential stuffing," this is an unfortunately common attack where bad actors find stolen usernames and passwords and attempt to use those same combinations across a variety of other websites and accounts, including Wikimedia accounts. Information that was accessed may include your username, password, email address, and your account information. This incident may have exposed your Wikimedia account information to a risk of misuse (e.g. unauthorized editing from your account and unauthorized disclosure of your account information and email address).
While we don’t have any reason to believe Wikimedia’s systems were the source of the compromise, we are working to implement additional security measures on Wikimedia projects to better prevent unauthorized account access in the future.
We also encourage you to change your passwords on your other online accounts, especially if you use the same password for these other accounts.
We believe that the privacy of the Wikimedia community is essential. We have created a meta-wiki page to document this incident for your reference. Translations of this message will be available on this page. If you have any questions about this message, please email us at privacy@wikimedia.org.
Regards,
Wikimedia Foundation