You are receiving this message because you have an account registered with this address on ubuntuforums.org.

The Ubuntu forums software was compromised by an external attacker.

As a result, the attacker has gained access to read your username, email address and an encrypted copy of your password from the forum database.

If you have used this password and email address to authenticate at any other website, you are urged to reset the password on those accounts immediately as the attacker may be able to use the compromised personal information to access these other accounts. It is important to have a distinct password for different accounts.

The ubuntuforums.org website is currently offline and we are working to restore this service. Please take the time to change your ubuntuforums.org account password when service is restored.

We apologize for any inconvenience to the Ubuntu community, thank you for your understanding.

The Canonical Sysadmins.
Si has recibido este mensaje, es que eres parte de la Comunidad Ubuntu. 1,82 millones cuentas de UbuntuForums.org se vieron comprometidas en la brecha de seguridad, durante el fin de semana, una intrusión a sus servidores expuso una buena cantidad de información de sus usuarios.. Los intrusos lograron acceso a las direcciones de correo electrónico y a las contraseñas de los usuarios, aunque estas se encontraban debidamente protegidas por lo que no habrían sido reveladas. Aún así, desde Canonical recomiendan cambiar la contraseña de cualquier otra cuenta que utilizara la misma de los foros de Ubuntu.

En Canonical creen que el ataque solo afectó a los foros y no a otros servidores de la compañía, pero igualmente están investigando la situación para descubrir por donde se metieron los intrusos. Además, también están contactando por correo electrónico a todos los usuarios afectados por el hackeo.

What we know


  • Unfortunately the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database.
  • The passwords are not stored in plain text, they are stored as salted hashes. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP.
  • Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach.


Progress report



  • 2013-07-20 2011UTC: Reports of defacement
  • 2013-07-20 2015UTC: Site taken down, this splash page put in place while investigation continues.
  • 2013-07-21: we believe the root cause of the breach has been identified. We are currently reinstalling the forums software from scratch. No data (posts, private messages etc.) will be lost as part of this process.
  • 2013-07-22: work on reinstalling the forums continues.


http://ubuntuforums.org/announce.html

Link:Notice of security breach on Ubuntu Forums site(Blog de Canonical)