Wiki Attack January 2013
Summary
The python.org wikis for Python, Jython and the Python Software Foundation (PSF) were subject to a security breach and later attack which caused all of the wiki data to be destroyed.
An analysis of the incident revealed that an exploit had been planted on our servers, which allowed arbitrary execution of code under the user running the MoinMoin wiki.
It is likely that the password information was downloaded from the server in the course of the security breach, so we recommend changing your passwords immediately, if you have used the same password for other services as well.
During the recovery, we reset all passwords on the wiki server to make sure that users do change their passwords. You can use the password recovery function of the resp. wiki to reset your password. The function is shown when clicking on the login link.
Moving forward, we will no longer allow changing wiki pages without login.
Please report any problems you find with the wiki to the mailto:pydotorg-www@python.org mailing list.
Attack Analysis
TBD
Content Recovery
TBD
-- Python Software Foundation