Thank for your response.
Yes it is an odd problem.
Was working OK - I am using Moodle 3.2.2+ (Build: 20170331) using a template based on Boost produced by a Moodle partner for me. All environment variables are OK
I have spent a two days on this so far.
1. created a new course and put in a new wiki set to individual - when I impersonated a student user could still see the user list.
2. Imported an old wiki from Moodle 2 and it worked fine in the newly created course.
3. imported the same old wiki into a current course and had the same problem that students could still see others.
4 Crosschecked the course setting between the old and new and setting all the same.
5. Crosschecked permissions between current course and the new one and they are the same.
6 . Crosschecked the permission in the wiki and they are all the same.
7. I have done clean install on my dev server but still get the same result.
My fix at the moment is tell students that the wiki is no longer private.