And one of the attacks was eventually successful in getting some data out.
The very few (~12) accounts with unencrypted passwords that could have been retrieved were updated and notified.
These attacks were based on a 2016 scripts readily available:
https://github.com/samedog/PHPmvs/blob/master/PHPmvs.phpI'm getting a daily log of suspicious URLs that got caught and blocking their IPs for a month.
They happen in waves with sources spread around the world, meaning that they are part of a botnet made of compromised computers launching parallel attacks to improve efficiency.
These attacks basically cost nothing to perform: they do not pay the electricity for compromised computers, it runs automatically from temporary Amazon, Azure or Google clouds costings a few $/hour.
They will just increase over time, better be ready!
Julien