After reading this [1] I am wondering if Wikimedia should start taking steps to reduce reliance on usernames and passwords. This issue is relevant to WMF and thematic organization staff email accounts, on-wiki accounts especially those with CU/OS and Arbcom roles, and other sensitive Wikimedia credentials. This issue also relevant to staff and volunteer accounts with third party services like Google Docs, Gmail, Skype, etc that are used to conduct Wikimedia related activities.
Pine
[1] http://mobile.nytimes.com/2014/08/06/technology/russian-gang-said-to-amass-m...