Last modified: 2013-10-21 08:13:47 UTC
dumpBackup.php apparently dumps just the revisions and log events. There should be a script that will dump everything except the tables and fields containing sensitive data (i.e. stuff listed at https://www.mediawiki.org/wiki/Manual:Database_fields_containing_sensitive_data ). There should be new configuration settings, $wgSensitiveFields and $wgSensitiveTables, whose default values are set in DefaultSettings.php. Extensions, e.g. CheckUser, can add fields and tables to these arrays. The backup dumper will exclude those fields and tables from the backups.
Perhaps the sensitive data, too, could be included in encrypted form. Then, as long as the systems administrator saved the key, these backups would still be usable to bring back the full database.