Wouldn't disclosure in a public forum of any details of such an attack potentially inform the attackers and would-be imitators of the success or lack thereof of the attack, of its methods, and of detection and cleanup methods?
On Sat, Aug 25, 2018 at 12:21 PM, Fæ faewik@gmail.com wrote:
Dear Security group of the Wikimedia Foundation,
The community has been patiently waiting for *113 days* for an analysis to be published for the login attack of 3 May 2018.