Ubuntuforums.org Hacked

satuon writes "The popular Ubuntu Forums site is now displaying a message saying there was a security breach. What is currently known: Unfortunately the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database. The passwords are not stored in plain text. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP. Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach."

Re:Ummm...

[ancientt]

My first thought: "Oh crap, that's me." I use a few passwords across multiple sites, basically determining how unique and how complicated by how much I consider a breach a danger and how much I trust the site to keep the password info secure. Generally, I hate forums that build their own password systems rather than using OpenID or Google Sign In or even Facebook login, and don't trust them much. Still, I tend to trust Unix minded people to care about security.

This means I might have been silly enough to use a password I care to keep secret, so I checked. Nope. Obviously I thought they were idiots to set up their own system and used a password so bad it is obvious that I don't even care if a random guess might get it. I don't use Ubuntu but I have and sometimes I might want to comment in a forum when issues cross distributions.

I hope others learn from this.. but I don't hold out tremendous hope.