The Tor browsing anonymisation service has urged users to upgrade their software after attackers broke into several Tor servers.
Two of the seven servers that run Tor directory authorities were compromised in the attack, as well as a metrics server, said project director Roger Dingledine in a blog post published on Friday.
The software on the three servers has since been reinstalled and service has been migrated to other machines, Dingledine said. Tor discovered the breach in early January.
Tor's directory authority encryption keys were not compromised, but the project generated fresh keys "out of an abundance of caution", Dingledine wrote. Users need to upgrade in order to make use of the new keys, he said.
Tor is intended to anonymise web browsing by routing a user's web traffic through a number of widely distributed servers. In December, security researchers revealed that Google's Chrome browser had a design flaw that rendered privacy protection services such as Tor ineffective. And in October, Tor said that China's government had been blocking the service in the run-up to the 60th anniversary of communist rule.
The attackers could not have discovered the identity of Tor users as a result of the breach, Dingledine said.
"By design, Tor requires a majority of directory authorities (four in this case) to generate a consensus; and like other relays in the Tor network, directory authorities don't know enough to match a user and traffic or destination," he wrote.
The attack appears to have been carried out in order to make use of Tor's servers to launch other attacks, according to Dingledine.
"It appears the attackers didn't realise what they broke into — just that they had found some servers with lots of bandwidth," he wrote. "The attackers set up some SSH keys and proceeded to use the three servers for launching other attacks."
He said Tor has taken steps to fix the security weaknesses that were exploited in the attack and to further harden Tor's systems.