Page MenuHomePhabricator

Publish analysis of sustained login attack of 3 May 2018
Closed, ResolvedPublic


Many users have been alerted to attempted logins to their accounts over several hours on 3 May. The attack was sustained with around 2,500 login failure per hour, being a magnitude higher than normal levels. A statement was made by email on 4 May:

This task is to track publication of any analysis. Though some details might have security implications, there is plenty of published operational data from the event, along with several on-wiki discussions by concerned users. Explaining what analysis has been done and whether this may be prevented in the future does not have to compromise security. A report may even help to encourage long term users and those with trusted rights to enable two factor authentication on their accounts.

Event Timeline

Fae created this task.May 4 2018, 9:32 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 4 2018, 9:32 AM
abian added a subscriber: abian.May 4 2018, 11:17 AM
Yann added a subscriber: Yann.May 4 2018, 12:09 PM
Lofhi added a subscriber: Lofhi.May 4 2018, 1:17 PM
Altt311 added a subscriber: Altt311.May 4 2018, 2:52 PM
Bawolff added a subscriber: Bawolff.May 4 2018, 3:18 PM
Vituzzu added a subscriber: Vituzzu.May 4 2018, 3:19 PM
Huji added a subscriber: Huji.May 4 2018, 5:39 PM
Mbch331 added a subscriber: Mbch331.May 4 2018, 6:54 PM
SQL added a subscriber: SQL.May 6 2018, 4:03 AM
Ed7789 added a subscriber: Ed7789.May 6 2018, 1:12 PM
He7d3r added a subscriber: He7d3r.May 7 2018, 5:43 PM
Vvjjkkii renamed this task from Publish analysis of sustained login attack of 3 May 2018 to pmdaaaaaaa.Jul 1 2018, 1:11 AM
Vvjjkkii triaged this task as High priority.
Vvjjkkii updated the task description. (Show Details)
Vvjjkkii removed subscribers: Huji, Aklapper.
Yann renamed this task from pmdaaaaaaa to Publish analysis of sustained login attack of 3 May 2018.Jul 1 2018, 10:32 AM
Yann updated the task description. (Show Details)
Yann added subscribers: Aklapper, Huji.
Scott added a subscriber: Scott.Jul 1 2018, 5:56 PM
CommunityTechBot raised the priority of this task from High to Needs Triage.Jul 5 2018, 6:36 PM
Bawolff moved this task from Incoming to To Follow Up on the Security-Team board.Sep 4 2018, 4:25 PM
Tgr added a subscriber: Tgr.Oct 31 2018, 10:33 PM

There was a blog post about the attack. Presumably this task can be closed?

Jcross closed this task as Resolved.Sep 23 2019, 4:11 PM
Jcross claimed this task.
Jcross added a subscriber: Jcross.

The Security Team agrees and resolving this task for the time being.