UbuntuForums Hacked; user names and passwords stolen!

TSJnachos117 · 2013-07-21 00:02:59 UTC

The UbuntuForums have recently been hacked, with Canonical advising anyone who uses the same user name/password for other services, such as email, to change your password immediately. Other Ubuntu-based services, such as Launchpad and UbuntuOne have not been affected by this incident.

However, what disturbs me the most is what Canonical posted in response to this hack:

Unfortunately the attackers have gotten every user’s local username, password, and email address from the Ubuntu Forums database.
I sure hope they didn’t mean “every user” in the literal sense!

If any users need Ubuntu-related help, you can still go to AskUbuntu, as that sight is still up and running (unless you prefer Club Myce!).

Wombler · 2013-07-21 04:37:06 UTC

That sounds pretty serious and it would seem to me that they do mean ‘every user’ in the literal sense.

Here are the full details and recommendations they posted in case anyone is affected.

â€¢Unfortunately the attackers have gotten every user’s local username, password, and email address from the Ubuntu Forums database.
â€¢The passwords are not stored in plain text. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP.
â€¢Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach.

[B]Wombler[/B]

ChristineBCW · 2013-07-21 05:24:41 UTC

Thanks for the heads-up. We’re safe but we’ve made sure those chums that use that forum get the notice.