Ubuntu forums hacked; 1.82M logins, email addresses stolen

Canonical, the company behind the Ubuntu operating system, has suffered a massive data breach on its forums. All usernames, passwords, and email addresses were stolen.
Written by Zack Whittaker, Contributor

Ubuntu Forums suffered a massive data breach, the company behind the open-source, Linux-based operating system said on Saturday.

In an announcement posted on its main forum page, Canonical confirmed there had been a security breach and that the team is working to restore normal operations.

The notice said "every user's local username, password and email address" from their database was stolen. The company confirmed that although the passwords are not stored in plain text, users who share passwords across sites are encouraged to change them.

"Ubuntu One, Launchpad and other Ubuntu/Canonical services are not affected by the breach," the open-source company stated.

An estimated 1.82 million users are subscribed to the forums, with more than 1.96 million threads, according to the last crawl by the Internet Archive in mid-June.

The forum itself is understood to be using vBulletin, a popular Web-based forum software.

The site was defaced by hackers during Saturday afternoon, according to social media reports. The main page was altered to include an image sporting a Twitter handle "Sputn1k_" which directs to an account with just five tweets and double-digit followers. The account did not follow any other user at the time of writing.

The image also included a "shoutout" to Twitter user @rootinabox, who appears to be based in the Netherlands. But the link pointed to a website that does not appear to be associated with the account holder.

The social media community appeared generally critical of the move.

"You must feel proud defacing a site by volunteers. They dedicate time and effort to make a free distro. Worst kind of 'hacker'," said one user in a message directed at the alleged hacker's Twitter account.

Others who tweeted the attacker during the past few hours simply asked what the music was that he injected into the hacked page when it loaded.
