Unfortunately, hackers are attacking linux again. This time the Ubuntu forum has been the victim, since they have removed all the data of the forum users, thanks to an error that allowed SQL Injection to be executed
Friends, we have bad news for you. Canonical just announced that the official Ubuntu forum has been hackedTherefore, it is recommended to immediately change the access credentials.
This event has affected almost 2 million users, since lThe attackers have managed to access the forum's database, obtaining in the process the IP address, username, email and passwords of the forum users.
Hackers they got in thanks to a security flaw in the forum, which consisted of insufficient site protection against SQL injection-type attacks.
SQL injection consists of entering SQL commands on the site in order to access its database. Thanks to a security breach, the attackers managed to access the site's user table, which contains all the information about the forum's users.
Canonical has already apologized in this release, in which it also says that the bug is expected to be fixed soon and that everything returns to normal. If I were you, I would change the password of your email, especially those who use the same password for the Ubuntu forum and for email.
Clearly you have to be very careful with these things, as these security holes can cost millions of users dearly. However, Canonical is a great company and will undoubtedly know how to remedy this situation so that it does not happen again.
Unfortunately, this is not the first attack made against linux and free software nor will it be the last. Sounded was the attack on the Linux Mint website, in which they changed the official operating system ISO for a malicious ISO intended to steal data.
Now alone let's hope this only remains an anecdote,and that Canonical knows how to put it back together.