Welcome to WebmasterWorld Guest from 184.72.145.109

Forum Moderators: bakedjake

Message Too Old, No Replies

After Being Hacked, Canonical Warns Ubuntu Forum Users To Change Passwords Immediately

     
1:00 pm on Jul 22, 2013 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:22282
votes: 236


E-mail addresses, user names, and password data for every registered user of the Ubuntu Forums—estimated to be 1.82 million accounts—were exposed in a security breach hitting the company responsible for maintaining the freely available, open-source operating system. There's no sign the compromised data has been published online.

The Ubuntu Forums were closed Saturday evening, following the discovery that the site's homepage was defaced by someone who managed to gain privileged access to its underlying servers. To their credit, administrators with Canonical, the for-profit company that markets Ubuntu, quickly issued an advisory that warned users who used their forum password to safeguard other accounts to change the credentials immediately.After Being Hacked, Canonical Warns Ubuntu Forum Users To Change Passwords Immediately [arstechnica.com]
"While the passwords were not stored in plain text, good practice dictates that users should assume the passwords have been accessed and change them," Ubuntu CEO Jane Silber wrote in an updated advisory. "If users used the same password on other services, they should immediately change that password."
4:21 pm on July 22, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:July 29, 2007
posts:1518
votes: 9


Hopefully none of the 1.82 million account holders used the same login and password elsewhere or used these email addresses for anything but that forum, that's where the real damage can happen.

This type of breach is exactly why I am not a fan of Google's 'link everything and use real personal info and names' etc, it's dangerous.
5:28 pm on July 22, 2013 (gmt 0)

Moderator from US 

WebmasterWorld Administrator martinibuster is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 13, 2002
posts:13964
votes: 119


Good point, JS_Harris. Varying passwords is a good practice.
10:43 pm on July 22, 2013 (gmt 0)

Moderator from GB 

WebmasterWorld Administrator brotherhood_of_lan is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 30, 2002
posts:4842
votes: 1


Wonder what the motives for hacking them are, other than teaching them a lesson for having an insecure website?

Passwords are such a hassle nowadays.
7:28 am on July 23, 2013 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:Oct 12, 2000
posts:14470
votes: 49


As the site is offline still those of you with accounts will have to wait until they fix things.

This was just a forums hack. What were they using for their forums?
10:16 am on July 23, 2013 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 4, 2004
posts:877
votes: 0


According to archive.org on March 4th it was VB. That said I know when phpBB.com got hacked a few years back they didn't breach the forum software but third party software that was also installed.
1:46 am on July 24, 2013 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:Oct 12, 2000
posts:14470
votes: 49


I dug around a bit too. It looks like they were running vB 4.2.0 and 1.8 million accounts were compromised?! That's a huge install and it's no wonder they're taking their time to get everything back online.
8:26 am on July 31, 2013 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:Oct 12, 2000
posts:14470
votes: 49


It looks like they finally opened their forums again after a long time offline.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members