Ubuntu Forums Security Breach

Published: 2013-07-31
Last Updated: 2013-07-31 11:41:26 UTC
by Guy Bruneau (Version: 2)
2 comment(s)

Ubuntu forums are currently down because they have been breached. According to their post, "the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database." [1] They have advised their users that if they are using the same password with other services, to change their password immediately. Other services such as Ubuntu One, Launchpad and other Ubuntu/Canonical services are not affected. Their current announcement is can be read here.

Update: Ubuntu posted a post mortem on the Forums compromised that occurred last week available here. They provided a good summary on how they think the compromised occurred and what they did to clean and harden the site against further attack.

[1] http://ubuntuforums.org/announce.html

[2] http://blog.canonical.com/2013/07/30/ubuntu-forums-are-back-up-and-a-post-mortem/

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

2 comment(s)

Comments

Just received the breach notification email from Canonical regarding my account on Ubuntu Forums a few minutes ago.
I get a 404 when I try your #1 link

Not Found
The requested URL /announce.html was not found on this server.
Apache/2.2.22 (Ubuntu) Server at ubuntuforums.org Port 80

Diary Archives