Canonical Patches Security Issue on Ubuntu Forums, Passwords Weren't Compromised
|
|
It would appear that, on the day of July 14, 2016, the Ubuntu Forums were compromised by someone who managed to get past the security measures implemented by Canonical and access the forum's database.
|
|
Canonical was immediately notified of the fact that someone claimed to have a copy of the Ubuntu Forums database. After some investigation, it appears that the forum's database was indeed attacked at 20:33 UTC on July 14, 2016, by someone who injected certain formatted SQL to the database servers on the Ubuntu Forums.
Canonical reports that the attacker managed to download parts of the ‘user’ table that contained IP addresses, email addresses and usernames of over 2 million registered users. However, the attacker couldn't access active passwords of the users as they are stored as random strings thanks to the Ubuntu Single Sign On (SSO) technology. Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.
