The user forums of Ubuntu, the popular Debian-based Linux operating system (OS), have been hacked, with details of over two million users stolen, including usernames, email addresses, and IP addresses.
Ubuntu is one of the most popular Linux distributions, used on PCs, smartphones and network servers.
Canonical, the firm that builds and develops Ubuntu, said the attackers had the ability to read any table in the database, but the company believes they only read from the “user” table, which means the attackers shouldn’t have access to forums accounts with higher privileges.
Canonical CEO Jane Silber explains: “We were able to confirm there had been an exposure of data and shut down the Forums as a precautionary measure. Deeper investigation revealed that there was a known SQL injection vulnerability in the Forumrunner add-on in the Forums which had not yet been patched.”
To fix the situation, Canonical backed up its servers and then used a clean version of the vBulletin forums software with the latest security patch to restore the Ubuntu Forums. Although the company said it doesn’t think the attackers gained system-level access, it reset all of the system and database passwords. It also installed ModSecurity, a web application firewall, to prevent similar attacks in the future.