All - Yesterday (April 5) at 8:54 AM Pacific time the RFC Editor server was attacked and compromised by an outside party. As a result of this hack, the server's operation became erratic. Staff were unable to login, and the website was returning invalid search results for searches against the RFC Editor database. AMS IT staff took immediate action, halting the server and performing an investigation. We restored service 90 minutes later, after repairing and restoring the damaged server, and doing a thorough check to make sure we hadn't missed anything. At the time, notifications were sent out to RFC and IETF leadership; this follow-up message is being sent to the community at the request of the IAOC chair. AMS took steps to identify the attack vector and remove the discovered vulnerability. A variety of other steps were taken to ensure that no other systems were compromised, and that future attacks of the same type would fail. No data was lost, no permanent damage was done, and the total downtime for the website was 90 minutes. The game of hack vs. hack-prevention is, unfortunately, an ongoing one. There are many who believe that attacking servers is an appropriate course of action. Reality (and various international laws) prevents us from totally eliminating those type of threats. This attack was caught, handled quickly, and AMS staff continues to watch for any future threats that doubtless will come our way at some point. Thank you for your attention. Glen Glen Barney IT Director AMS (IETF Secretariat, RFC Publisher)