Board Thread:General Discussion/@comment--20150810171627/@comment-13301-20150810195002

Fandyllic wrote: Not much info in this announcement. What kind of user info could have been compromised? Did hackers access the Wikia user DB? Why couldn't Wikia just disable JS imported from outside the wikia.com domain?

My guess is that someone put JS to redirect the login form to an external website, so users that were using the login form on the affected wiki were sending their credentials to the attacker instead of logging into wikia.