Regular password resets are always a good thing to do, but this time we have a specific reason to ask you to consider taking the extra time.
In December 2017, our ISP detected port scans originating from our server and informed us about these. During the analysis, we found that someone (or better: some script) had found a way to break-in to our web server running the EuroPython website. We quickly fixed the situation, reset all authorizations and put measures in place to strictly limit the number of people having access to the server to a minimum and better secure the server against future break-in attempts. The server was only used as SSH port scanning relay and we found no evidence of loss or leakage of data. We don’t believe that any of your personal information got into the wrong hands, but even though the passwords are stored using secure and salted hashes (using PBKDF2), we still recommend to reset your password to be on the safe side. We know that this notice is late and we’d like to apologize for the hassle caused by this. If you have just created a new account on the https://ep2018.europython.eu/ website we just launched, no further action is necessary. We only recommend the password reset if you have had an account with us in previous years and this account is active on the new https://ep2018.europython.eu/ website. Logins on the older versions of our website are disabled for regular users, so no action is necessary on these. Please see our blog post for instructions on how to reset your password: https://blog.europython.eu/post/173793513217/europython-2018-please-reset-your-password Enjoy, -- EuroPython 2018 Team https://ep2018.europython.eu/ https://www.europython-society.org/ PS: Please forward or retweet to help us reach all interested parties: https://twitter.com/europython/status/994879080263831552 Thanks. -- https://mail.python.org/mailman/listinfo/python-list
