Msg#: 4579252 posted 11:33 pm on May 29, 2013 (gmt 0)
Unauthorized access to account information was discovered on Drupal.org and groups.drupal.org.
Malicious files were placed on association.drupal.org servers via a third-party application used by that site. Upon discovering the files during a security audit, we shut down the association.drupal.org website to mitigate any possible ongoing security issues related to the files. The Drupal Security Team then began forensic evaluations and discovered that user account information had been accessed via this vulnerability.