dumpBackup.php apparently dumps just the revisions and log events. There should be a script that will dump everything except the tables and fields containing sensitive data (i.e. stuff listed at https://www.mediawiki.org/wiki/Manual:Database_fields_containing_sensitive_data ). There should be new configuration settings, $wgSensitiveFields and $wgSensitiveTables, whose default values are set in DefaultSettings.php. Extensions, e.g. CheckUser, can add fields and tables to these arrays. The backup dumper will exclude those fields and tables from the backups.
Version: 1.22.0
Severity: enhancement