On May 26, 2005, an anonymous user edited the Wikipedia biography of John Seigenthaler Sr., a respected journalist and former assistant to Robert F. Kennedy. The edit claimed that Seigenthaler had been "thought to have been directly involved in the Kennedy assassinations of both John and his brother Bobby." The claim was completely fabricated. It stayed in the article for 132 days.

That incident nearly killed Wikipedia. It almost certainly made it stronger. And it kicked off a two-decade arms race between vandals and the volunteer army trying to stop them. The story of Wikipedia vandalism is really the story of how a radically open platform learned to defend itself without abandoning the openness that made it work in the first place.

The Seigenthaler incident (2005)

John Seigenthaler was 78 years old when he discovered that Wikipedia was telling the world he might be an assassin. A friend called to tell him. Seigenthaler, who had founded the Freedom Forum First Amendment Center at Vanderbilt University, was horrified.

He wrote an op-ed for USA Today in November 2005 with the headline "A False Wikipedia 'Biography'." The piece was devastating. He described trying to get the false information removed and the frustration of dealing with a system that seemed to have no accountability. He couldn't even find out who had written the libel, because Wikipedia allowed anonymous editing.

The incident forced Wikipedia to confront something it had been avoiding: the encyclopedia's model of radical openness had a real cost. People could be seriously harmed by false information that looked authoritative simply because it appeared on a site that millions of people trusted.

Wikipedia's response was to create the "Biographies of Living Persons" (BLP) policy, one of the strictest content policies on the site. BLP requires that all biographical claims about living people be sourced to reliable publications. Unsourced or poorly sourced material, especially if it's negative, must be removed immediately without waiting for discussion. This policy is enforced more aggressively than almost any other Wikipedia rule.

I want us to think about ways to make it much harder for a new user to add false or misleading information to biographies of living people. The current policy is already very strict, but we need to enforce it better.

[Jimmy Wales](https://en.wikipedia.org/wiki/Jimmy_Wales), Wikipedia mailing list, 2005

The anonymous editor was eventually identified as Brian Chase, a 38-year-old operations manager from Nashville who said he'd written the false claim as a joke intended for a coworker. He apologized to Seigenthaler personally. The joke had been visible to the entire internet for four months.

Congressional staffers and the edit wars (2006)

In January 2006, journalists discovered that congressional staffers had been editing Wikipedia articles about their bosses. Staff members for Senator Norm Coleman had removed references to his past as a Democrat. Staff for Representative Marty Meehan had replaced his entire biography with a flattering version that omitted his broken term-limit pledge.

The revelations were embarrassing but not surprising. What made them notable was the response. Wikipedia started tracking edits from IP addresses associated with the U.S. Congress, and editors began flagging suspicious changes to political articles. The incident planted a seed: what if you could systematically identify who was editing Wikipedia from behind organizational IP addresses?

That seed would grow into something much bigger the following year.

Wikipedia Scanner (2007)

In August 2007, a 24-year-old Caltech graduate student named Virgil Griffith launched Wikipedia Scanner. The tool cross-referenced anonymous Wikipedia edits with the IP address ranges of corporations, government agencies, and other organizations. The results were explosive.

Diebold, the voting machine company, had edited the article about its own machines to remove concerns about security vulnerabilities. The CIA had edited articles about the Iraq War. ExxonMobil had tweaked articles about climate change. The Vatican's IP range showed edits to articles about Gerry Adams and Sinn Féin. Walmart had changed employee compensation figures. Pepsi had edited Coca-Cola's article.

None of this was necessarily organized corporate policy. People at these organizations might have been editing in their personal capacity during lunch breaks. But the optics were terrible, and the scale was impressive. Griffith's tool revealed tens of thousands of edits from organizational IP addresses.

Wikipedia Scanner didn't change Wikipedia's policies directly, but it changed the culture. Anonymous editing became more suspicious. The community developed stronger norms about conflicts of interest. And organizations started to realize that editing your own Wikipedia article was a reputational risk, not a PR strategy.

The slow-burn hoaxes

Not all vandalism is obvious. Some of the most impressive cases involved fabricated content that survived for years because nobody thought to check it.

The "Bicholim conflict" hoax is my favorite example. In July 2007, an editor created an article about a supposed conflict between the Portuguese colonial government and the Maratha Empire in Goa in 1640-1641. The article was well-written, properly formatted, and included references. It went through Wikipedia's "Good Article" review process and was actually promoted to Good Article status in 2007. It was entirely fictional. The article survived until December 2012, when an editor doing routine source verification discovered that none of the cited sources actually existed. Five and a half years of fooling the entire Wikipedia community.

Another long-lived hoax was the article on "Jar'Edo Wens," described as an Australian Aboriginal deity. Created in 2005, it was complete fiction that stood for nearly a decade before being identified as a hoax in 2014. The creator later admitted he'd been testing how long a completely made-up article could survive. Nine years, as it turned out.

These long-term hoaxes reveal something uncomfortable about Wikipedia's verification model. The system works well for catching obvious vandalism. It works poorly for catching plausible-sounding nonsense that's formatted correctly and cites sources that exist but don't actually say what the article claims, or cites sources that don't exist at all but have plausible-sounding titles.

The Scots Wikipedia disaster (2020)

This one is genuinely sad.

In August 2020, a Reddit user discovered that a huge portion of the Scots Wikipedia was written by an American teenager from North Carolina who didn't actually speak Scots. The teenager, who went by the username AmaryllisGardener, had been editing since 2013, when he was roughly 12 years old. Over seven years, he created or substantially edited more than 27,000 articles, nearly a third of the entire Scots Wikipedia.

The problem was that he'd been writing in English with occasional Scots-looking words mixed in, or running English text through crude word substitutions. "About" became "aboot." "Know" became "ken." The resulting text wasn't Scots. It was English with a bad Scottish accent.

The linguistic damage was significant. Scots Wikipedia had been used by researchers studying the Scots language. School students had been directed to it as a resource. A genuine minority language's digital presence had been substantially contaminated by one well-meaning teenager who didn't understand what he was doing.

The community response was agonized. AmaryllisGardener had been editing for seven years. Nobody had stopped him because almost nobody involved in Scots Wikipedia actually spoke Scots fluently enough to notice the problem. The incident exposed a fundamental vulnerability in Wikipedia's model: small-language editions don't have enough editors to maintain quality control.

Vandalism response times: then and now

In 2005, the Seigenthaler hoax stayed up for 132 days. By 2010, most obvious vandalism was caught within minutes. Today, automated tools like ClueBot NG catch and revert obvious vandalism in a median time of under 30 seconds. But sophisticated hoaxes, where the content is plausible and well-formatted, can still survive for months or years. The tools are good at catching noise. They're not good at catching lies that look like signal.

AI-generated hoaxes (2023-present)

The latest chapter in Wikipedia vandalism involves large language models. Starting around 2023, editors began noticing articles that were clearly generated by AI. The telltale signs were familiar to anyone who's spent time with ChatGPT output: overly smooth prose, vague sourcing, confident claims about obscure topics that couldn't be verified.

In late 2023, a Wikipedia editor documented a case where someone had used an AI to generate dozens of articles about obscure villages in a specific region, complete with fabricated population statistics, fake historical details, and citations to real-sounding but non-existent sources. The articles were well-formatted and followed Wikipedia conventions. Several survived for weeks before being caught.

The AI vandalism problem is qualitatively different from traditional vandalism. An angry teenager writing profanity on an article is easy to detect. An AI generating plausible-sounding articles about topics that no editor has expertise in is much harder. The content doesn't trigger vandalism filters because it doesn't contain any obviously problematic text. It just contains fiction dressed up as fact.

Wikipedia's community has been developing new tools and policies to address AI-generated content, including automated detection systems and stricter sourcing requirements for newly created articles. But it's an ongoing challenge, and one that's likely to get harder as AI text generation improves.

This, incidentally, is exactly the kind of problem that playing Bluffpedia trains you to recognize. The skills you develop identifying AI-generated Wikipedia summaries in a game context are the same skills Wikipedia editors need to catch AI-generated hoax articles.

The tools of defense

Wikipedia's anti-vandalism infrastructure has evolved from a handful of dedicated volunteers watching the Recent Changes feed to a sophisticated ecosystem of automated and semi-automated tools.

ClueBot NG is the heavy hitter. It's a machine learning-based bot that monitors every edit to English Wikipedia in real time and automatically reverts edits it classifies as vandalism. ClueBot NG catches about 40% of all vandalism on English Wikipedia, and it does it fast. Median revert time: under 30 seconds from the moment the vandalism is saved. The bot was trained on a dataset of hundreds of thousands of human-classified edits and achieves an accuracy rate above 99.7%.

Huggle is a semi-automated tool used by human patrollers. It provides a streamlined interface for reviewing recent edits, flagging suspicious ones, and reverting vandalism with a single click. Huggle users handle much of the vandalism that ClueBot NG misses, particularly the more subtle cases.

Twinkle is a set of JavaScript tools that give experienced editors one-click access to common maintenance actions: warning users, tagging articles for issues, reporting vandalism, and nominating pages for deletion.

ORES (Objective Revision Evaluation Service) is a machine learning service that scores edits based on their likelihood of being damaging or in good faith. Unlike ClueBot NG, ORES doesn't act on its own. It provides scores that other tools and human patrollers can use to prioritize their review work.

Together, these tools form a layered defense system. ClueBot NG catches the obvious stuff instantly. ORES flags the borderline cases for human review. Huggle and Twinkle give human patrollers efficient tools to handle what the bots miss.

Vandalism response times on English Wikipedia (estimated median revert time)

"Citation needed" and the culture of skepticism

Not all vandalism involves false information. Some of the most pervasive quality issues on Wikipedia involve unsourced claims that may or may not be true. The "[citation needed]" tag, added when an editor questions an unsourced claim, has become one of Wikipedia's most recognizable features, to the point where it's leaked into internet culture as a general-purpose expression of skepticism.

The "[citation needed]" tag was introduced around 2005 and has been applied millions of times across English Wikipedia. At any given time, there are roughly 300,000 to 400,000 active "[citation needed]" tags in English Wikipedia articles. Some of them have been there for years. The tag is easy to add and hard to resolve, because resolving it requires actually finding a reliable source and citing it properly.

Related to this is "wikilawyering," a term for editors who manipulate Wikipedia's policies to win arguments rather than improve articles. A wikilaywer might insist that a well-known fact be removed because the specific source cited doesn't support the exact phrasing used, even though dozens of other sources do. Or they might argue that a clearly notable subject fails notability guidelines based on a narrow reading of the policy.

Wikilawyering isn't vandalism in the traditional sense. Nobody is adding profanity or false claims. But it degrades article quality through procedural gamesmanship, and it's harder to fight because the wikilaywer is technically following the rules, just in bad faith.

The numbers

Vandalism on Wikipedia is both constant and, in relative terms, minor. On any given day, English Wikipedia receives roughly 300,000 to 500,000 edits. Estimates of the vandalism rate vary, but most studies put it somewhere between 5% and 10% of all edits. That sounds high until you consider that the vast majority of vandalism is reverted within minutes and never seen by a typical reader.

The more concerning figure is the persistence rate: what percentage of vandalism survives long enough to be read by people who don't know it's vandalism? This is harder to measure, but a 2012 study by researchers at the University of Minnesota found that about 7% of vandalism survived for more than 30 days. That number has likely improved since then, given the deployment of better automated tools, but it means there's always some amount of false information in Wikipedia at any given moment.

For high-traffic articles (the top 10,000 or so), vandalism persistence is very low because many editors are watching. For the long tail of obscure articles, persistence can be much higher because nobody is watching at all.

What we can learn from all this

The history of Wikipedia vandalism is a story about an impossible problem being made merely very difficult. You cannot build an encyclopedia that anyone can edit without accepting that some people will abuse that openness. The question is whether you can build systems that catch abuse quickly enough that the openness remains worthwhile.

Wikipedia's answer, developed over 25 years through painful trial and error, is layered defense: strict policies for sensitive content (BLP), automated detection for obvious attacks (ClueBot NG), semi-automated tools for human reviewers (Huggle, Twinkle), machine learning for edge cases (ORES), and a community of volunteer patrollers who care enough to spend their free time watching the Recent Changes feed.

It works. Not perfectly. There will always be another Bicholim conflict lurking in the encyclopedia's 6.8 million articles, looking plausible and waiting to be discovered. But the median piece of vandalism on Wikipedia now has a lifespan measured in seconds, not months.

That's the gap between 2005 and 2026. From 132 days to 30 seconds. From one angry op-ed nearly destroying the project to an ecosystem of tools and volunteers that catches most problems before anyone notices them.

The vandals haven't stopped. They've just been outpaced. For now.