The Perfect Wiki team is dedicated to maintaining high-quality products and keeping your data safe. Weโre committed to transparency, so weโre informing everyone about any security incident that happened to Perfect Wiki.
โถ๏ธ Dec 10, 2024
๐ We fixed a security bug related to the improper configuration of a Google Cloud Storage bucket. Big thanks to Tobias from Germany for the heads-up! This incident affected less than 1% of our customers. We fixed the issue within an hour of identifying it and have implemented measures to prevent similar incidents in the future. We apologize for any inconvenience.
What happened?
User content on Perfect Wiki is encrypted in transit and at rest. However, when users export data to PDF or HTML, it is temporarily unencrypted on Google Cloud Storage for download. Unfortunately, due to a configuration error by one of our tech specialists, a list of files exported between Dec 6 and Dec 9, 2024, were exposed online for 72 hours. We corrected this error in an hour by updating access policies.
What we did to prevent future issues:
1. Reviewed policies for all Google Cloud Buckets.
2. Conducted a security audit of all API endpoints.
3. Switched file export links to signed, expirable links that last 15 minutes.
4. Created an internal SOP for managing Google Cloud Storage policies.
What you can do:
We recommend changing any passwords stored on Perfect Wiki pages.
โถ๏ธ 2023
โ No Incidents
โถ๏ธ 2022
โ No Incidents
โถ๏ธ 2021
โ No Incidents
โถ๏ธ 2020
โ No Incidents