Board Thread:General Discussion/@comment-168424-20151004232302/@comment-35.8.204.131-20151010191806

you guys do realize the first hack was the dev wiki right? that damaged a bunch of imports resulting in a temp lockdown of everything then in all scripts being locked to codeeditors.

the hacker then moved on to simply gaining access to staff accounts, compromised a single account twice then increased to 4 this past incident. if you notice in the logs, some staff members are not back to normal just yet. DaNascast said they were a lot more serious at this point than before and are considering 2 factor authentication. not only were gaming wikis being redirected to others or to the close page, random people were being promoted on dev, central and on other wikis affected. staff accounts were compromised, i don't think anyone was blocked but staff apparently did global a few to be sure who was in control of said accounts - seems resolved.

one thing that I noticed is the Helios login on central, if JS is disabled then it redirects to a secure page otherwise its a pop up. not entirely sure the pop up is 100% secure.

and yes, the email confirm seems to have gotten compromised as well. best thing you can do is send in a bug report and tag it with [urgent] in the subject line, staff will be able to get back to you a bit faster. keep in mind, special:contact/general and special:contact/feedback get processed last while bug reports first. staff should be well aware of said bug and working with people on getting it fixed.

lots of security holes, some old and others new. let's give them time to "fix" everything, hopefully engineers find the root of the problem and patch that. none of the above is speculation, its what actually happened.