Popular Derbian-based Linux operating system (OS) Ubuntu's user forums have been hacked with over two million user details stolen that includes usernames, email addresses, and IP addresses. Ubuntu is one of the the most popular Linux distribution systems used for PCs, smartphones and network servers. .
Canonical Ltd which makes the OS says that user details of roughly two million users have been accessed by an unnamed attacker who was able to exploit an SQL (Structured Query Language) injection vulnerability. The method used is a code injection technique, used to attack data-driven applications, in which nefarious SQL statements are inserted into an entry field for execution that helps the hacker to dump the database contents to his drive/system.
The company in their statement discussed the details of the hack saying:
Jane Silber, Canonical CEO, however said that no passwords were taken via the SQL injection attack, and only limited user data was accessed and downloaded. As of now the exploited security bug has been corrected and service has been restored. The servers have also been wiped, rebuilt, hardened and the forum software was fully patched. However, it is advisable that one should change their login as soon as possible.