The notice said "every user's local username, password and email address" from their database was stolen. The company confirmed that though the passwords are not stored in plain text, users who share passwords across sites are encouraged to change them.
"Ubuntu One, Launchpad and other Ubuntu/Canonical services are not affected by the breach," the open-source company stated.
The forum itself is understood to be using vBulletin, a popular Web-based forum software.
The site was defaced by hackers during Saturday afternoon, according to social media reports. The main page was altered to include an image sporting a Twitter handle "Sputn1k_" which directs to an account with just five tweets and double-digit followers. The account did not follow any other user at the time of writing.
The image also pointed out a "shoutout" to Twitter user @rootinabox, who appears to be based in the Netherlands. But the link pointed to a website that does not appears to be associated with the account holder.
The social media community appeared generally critical of the move.