Wikimedia Foundation's response to recently compromised staff and community wiki accounts
Photo by PereslavlFoto, CC BY-SA 3.0
Beginning on Friday, November 11, 2016, wiki accounts belonging to Wikimedia Foundation staff and community members were temporarily compromised. This incident is under investigation, and we will make more information available as we are able to do so. As part of our commitment to be transparent with our users, we are providing an overview of the incident, and sharing information about our response.
What happened?
On Friday, November 11, a number of Wikimedia Foundation staff and Wikimedia community accounts were temporarily accessed by an unidentified and unauthorized third party. This unknown person or persons made several edits to Wikimedia sites (en.wikipedia.org, wikimediafoundation.org, and mediawiki.org) while in control of these accounts. The attacker has continued attempting to access other accounts over the past several days, with the latest efforts taking place today, Wednesday, November 16.
What is being done?
Since the attack began, volunteer community members and Foundation staff have worked diligently to lock the compromised accounts and restore them to their owners, and to revert the edits made by the attackers. As this activity continues, we are actively monitoring the projects to secure compromised accounts, and revert malicious edits. We have enabled two-factor authentication for all Wikimedia Foundation staff and project administrators. We are working on enabling this feature for all accounts as soon as possible.
Additionally, we encourage everyone to change their passwords as a standard precautionary measure, and to ensure that they are using good password hygiene. This means:
Using strong passwords, containing at least 8 characters and including letters, numbers, and symbols.
Using unique passwords for your wiki accounts, and not reusing them for any other website or any other purpose. This means not reusing them across Wikimedia services (for instance, using the same password on your Gerrit account that you use to access the projects).
Changing passwords periodically.
If you are an administrator and have not enabled two-factor authentication on your account, please do so right away.
We recommend that everyone take a moment to consider their password practices. Strong, unique passwords will help us to protect the projects from attacks like this.
Our investigation into this incident is still ongoing, and we will make more information available as we are able to do so. We can address donors' concerns now.
“This incident did not affect fundraising operations,” said Lisa Gruwell, Chief Advancement Officer of the Wikimedia Foundation.
Donor and payment information is kept in a separate database and uses separate and dedicated server infrastructure with additional security. Donor and payment information was not involved in this incident.
The Wikimedia Foundation takes the privacy and security of users and staff very seriously. We will continue to monitor the projects and stop these attacks, and will be implementing additional security measures to prevent another similar incident.
Darian Anthony Patrick, Security Manager
Wikimedia Foundation
*We would like to thank the volunteer admins and WMF teams, including Ops, Support and Safety, Editing, Labs, Reading, Release Engineering, Legal, and Communications, that have worked diligently to investigate and respond to this incident.
This post has been updated with information from the Wikimedia Foundation’s fundraising team.
Archive notice:
This is an archived post from blog.wikimedia.org, which operated under different editorial and content guidelines than Diff.