From PvXwiki
Jump to: navigation, search

PvXwiki got hacked

What happened?!

Due to a big security hole some 3rd party got access to out MySQL backup utility. It has been used to run simultaneously restores in order to crash the MySQL DB. And they did succeed with that.

But since we had nearly daily backups it wasn't a problem by it self. We could just restore. However, whoever did crash the DB also deleted all DB backups and snapshots. The latest backup admins had downloaded and stored was from 23.08.2008. So the only option was to use that DB to restore PvXwiki...

Since this server has RAID and runs on ext3 it is nearly impossible to restore deleted files. In theory it is possible - but it would require several days or weeks offline time.


Hhhippo and I are deeply sorry, as much as we possibly can be. After all security of this website is our responsibility. I just hope you guys will understand and forgive us for this mistake...


We will setup an external backup solution using our hosting provider - it has a dedicated person who will check the server and backups every day. They will be stored and copied to safe locations etc. It cost a lot - but it is the only way to ensure this that this wont happen again.

Again, we are sorry!..

gcardinal 15:16, 11 September 2008 (EDT)