Ubuntu Forums Has Been Hacked


Nathan Osman's Gravatar

Nathan Osman
published July 20, 2013, 4:14 p.m.


Unfortunately, a group of hackers were able to successfully gain root access to the server(s) hosting the Ubuntu Forums today and compromise the entire website. The Canonical IS team is investigating the issue as we speak. The attackers replaced the website with the following image:


Ubuntu Forums

* image courtesy of VinDSL

Unfortunately, it appears that all usernames, password hashes, email addresses, and personal information was available to the attackers. Although plaintext passwords were never stored in the database, users are still strongly encouraged to change their passwords anywhere that they have used the same password.

In the meantime, if you visit the Ubuntu Forums website, you will be greeted with a message explaining the current status of the incident. There is currently no estimate on when the site will be back up and running. When this happens, users will likely be forced to change their passwords.


Updates

  • Many reports are surfacing that the server was running an outdated vBulletin installation with an improperly configured administration panel. We have been unable to confirm any of these reports.
  • User elfy claims that the "servers running vb [vBulletin] are being reinstalled at the moment" and it appears as if no data was lost.
  • The attack has now been mentioned on the Canonical Blog.

What should I do if I need help right now?

There are 3 excellent resources you can make use of while you're waiting for everything to come back up. (In fact, you should already be using the first one!)