It’s been a year since Kernel.org was hacked by intruders. Still no report publicly explaining what happened. The last I was told was that an investigation is underway.
“Thanks to all for your patience and understanding during our outage and please bear with us as we bring up the different kernel.org systems over the next few weeks. We will be writing up a report on the incident in the future.”
I expect that a report could be issued with carefully chosen words so as not to compromise any investigation. The bad guys know what they did. What harm would openness cause? It could cause a lot of good if there is something that others could do to prevent other such compromises. Was it weak/lost/stolen passwords or something more fundamental? Curious minds want to know.