Jane Silber
on 21 July 2013
There has been a security breach on the Ubuntu Forums site, ubuntuforums.org. We take information security and user privacy very seriously, and apologise for the breach and ensuing inconvenience.
At this time,
- We have confirmed the attackers were able to access all user email addresses and hashed passwords on the Forums site. While the passwords were not stored in plain text, good practice dictates that users should assume the passwords have been accessed and change them. If users used the same password on other services they should immediately change that password.
- We believe the issue is limited to the Ubuntu Forums and no other Ubuntu or Canonical site or service is affected.
- We have begun the process of notifying by email all users whose details have been compromised.
- We are continuing to investigate exactly how the attackers were able to gain access and are working with the software providers to address that issue. Once the investigation is concluded we will provide as much detail as we safely can.
The forums site will remain down until we can safely bring it up, and updates will be posted to the ubuntuforums.org page as they are available. Once again, we apologise for the issue.
In the meantime, if you’re using Ubuntu and need technical support please see the following page for support:
If you’re looking for a place to discuss Ubuntu we encourage you to check out these sites:
The Ubuntu subreddit
