Debian User Forums

Ubuntu Forums is down for maintenance

There has been a security breach on the Ubuntu Forums. The Canonical IS team is working hard as we speak to restore normal operations. This page will be updated with progress reports.
What we know

Unfortunately the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database.
The passwords are not stored in plain text, they are stored as salted hashes. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP.
Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach.

ravisista wrote:How can we make sure it wouldn't happen here? Thanks.

3ur0(|yd0n wrote:"We" can be used figuratively.

E.g., if one person asks another, "How are we doing today?", it is generally understood that the person is asking for a response from the other person about the other person, rather than asking how the both of them are doing together.

Apparently, the Ubuntu forum used "an outdated version of vbulletin which left their admin panel unsecured".

It may be that the OP is merely asking whether or not such vulnerabilities have been taken into consideration by the admin of this forum, as opposed to suggesting that we can collectively stop such hacking attempt.

ravisista wrote:Exactly. My original question was aimed towards the System admins of this forum.

ravisista wrote:How can we make sure it wouldn't happen here? Thanks.

cynwulf wrote:

ravisista wrote:How can we make sure it wouldn't happen here? Thanks.

By not using overpriced proprietary bulletin board software (while pretending to be an organisation which cares about free software...)

bw123 wrote:A security breach and "hacked" could mean two different things... kind of interesting I guess but if I click it will probably show me a bunch of lame ads.