Ubuntu Forums Hacked, All User Data Swiped

The Ubuntu forum is down and they have revealed that they have been hit by an attack that resulted in all of the usernames, passwords and e-mail addresses from the user database being compromised. They are continuing to work on re-installing the forums.

On their website they announced that there has been a security breach and the the Canonical IS team is working to restore normal operations.

On the announcement page they stated what they know;

  • Unfortunately the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database.
  • The passwords are not stored in plain text, they are stored as salted hashes. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP.
  • Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach.

As always, it's never a good idea to use the same username and password all over the internet as these types of breaches are pretty common lately.