Revision 3 as of 2013-01-25 19:05:02

Wiki Attack January 2013

Summary

The python.org wikis for Python, Jython and the Python Software Foundation (PSF) were subject to a security breach and a later attack that destroyed all of the wiki data on January 5, 2013.

An analysis of the incident revealed that an exploit had been planted on our servers, possibly as early as July 25, 2012. It allowed arbitrary code execution as the user running the MoinMoin wiki.

It is likely that the password information was downloaded from the server in the course of the security breach, so we recommend that you change your passwords immediately if you have used the same password for other services as well.

During the recovery in the weeks after the attack, we reset all passwords on the wiki server to make sure that users change their passwords. You can use the password recovery function of the respective wiki to reset your password. The function is shown when you click on the login link.

Moving forward, we will no longer allow changing wiki pages without login and have put additional security measures in place to prevent attacks like the one we came under. The PSF has also funded the change of the MoinMoin code base to include support for the passlib library, which provides much better means of protecting password information on the server than the SHA-1 based hash scheme used before MoinMoin 1.9.6. This new support will be available in MoinMoin 1.9.7.
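The move from a SHA-1 based scheme to a stronger one can be done record by record at login time. The following is an added example, not MoinMoin's or passlib's code: it uses the standard library's PBKDF2 as a stand-in for passlib, and the `{SSHA}` record layout, the `$example-pbkdf2$` format tag and the round count are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import os

ROUNDS = 200_000  # assumed work factor; raise it as far as login latency allows
NEW_PREFIX = "$example-pbkdf2$"  # constructed format tag, not passlib's or MoinMoin's

def legacy_hash(password, salt):
    """Salted single-pass SHA-1 (assumed legacy layout): base64(sha1(pw+salt)+salt)."""
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def strong_hash(password, salt=None, rounds=ROUNDS):
    """PBKDF2-HMAC-SHA256 with a per-user random salt and explicit round count."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    b64 = lambda b: base64.b64encode(b).decode()
    return "%s%d$%s$%s" % (NEW_PREFIX, rounds, b64(salt), b64(dk))

def verify_and_upgrade(password, stored):
    """Return (ok, replacement). replacement is a new hash to store, or None."""
    try:
        if stored.startswith("{SSHA}"):
            raw = base64.b64decode(stored[len("{SSHA}"):], validate=True)
            digest, salt = raw[:20], raw[20:]
            candidate = hashlib.sha1(password.encode() + salt).digest()
            ok = hmac.compare_digest(candidate, digest)
            # Legacy record: rehash on successful login so the weak hash is retired.
            return ok, (strong_hash(password) if ok else None)
        if stored.startswith(NEW_PREFIX):
            rounds, salt_b64, dk_b64 = stored[len(NEW_PREFIX):].split("$")
            salt = base64.b64decode(salt_b64, validate=True)
            expected = strong_hash(password, salt, int(rounds))
            ok = hmac.compare_digest(expected, stored)
            # Current scheme but stale work factor: upgrade as well.
            stale = ok and int(rounds) < ROUNDS
            return ok, (strong_hash(password) if stale else None)
    except ValueError:
        pass  # malformed record: treat as a failed login, never as a match
    return False, None
```

When `replacement` is not `None`, the caller overwrites the stored record with it, so legacy hashes disappear as users log in.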

Please report any problems you find with the wiki to the pydotorg-www@python.org mailing list.

Attack Analysis

TBD

Content Recovery

TBD

-- Python Software Foundation
