One private wiki used for one customer for collaboration was hacked using special:userlogin twice. Not sure how that works. The hacker went directly to a project category, downloaded a bunch of files. This was obviously someone very familiar with Mediawiki, no kiddie script.
I have not yet found in the log files where this happened yet, but the hacker deleted all the data base entries after 9/9/2013. I did not this this was easily done.
Any help or insight would be appreciated.
Rev 1.19.2 PHP 5.3.24 MySQL 5.0.96-log
Thanks, Don