Important Notice: Possible security incident - no detected impact
Important Notice: Possible security incident - no detected impact
Between 19:45 UTC and 19:50 UTC, there was a mistake in how information was stored temporarily (cached) on Beehaw. This mistake could have allowed some people to see and use other people's accounts without permission.
If you were using the website during that time, please check that your account settings and email address are still correct. Also, make sure that any posts or actions you made during that time are still connected to your account.
It's important to note that we don't have any proof that this error was actually used by anyone to do anything bad during the short time it happened.
I can verify that @[email protected] is one of our volunteer sysadmins and this incident was witnessed by me.
same, same :p
I can, also, verify that @[email protected] is another volunteer sysadmin here at Beehaw.
That's one of the two hard problems of programming: cache invalidation, naming things, and off-by-one errors.
thanks for alerting everyone to this aswell as reacring quickly
Do we know what could have caused this cache error?
Yes; configuration settings for the web server involving improving performance. Those settings have been changed back to the previous, non-issue ones. So this should not occur at this time, or again.