The forums for the openSUSE Linux version remain down today following a breach of the site’s server, which allowed an attacker to gather and leak user email addresses.
The hacker managed to exploit a vulnerability in the forum software used by openSUSE, vBulletin, which not only gave them access to a database, but allowed them to deface the site too.
Website admins sought to assuage users’ fears, saying that a limited amount of data had been compromised.
“Credentials for your openSUSE login are not saved in our application databases as we use a single-sign-on system (Access Manager from NetIQ) for all our services,” they said.
“This is a completely separate system and it has not been compromised by this crack. What the cracker reported as compromised passwords were indeed random, automatically set strings that are in no way connected to your real password.
“However, some user data is stored in the local database for convenience, in the case of the forum the user email addresses. Those the hackers had access too and we’re very sorry for this data leak.”
They said “there are no known fixes or workarounds” for the vulnerability in the vBulletin forum software, so the affected site would remain offline until a solution has been found.
A number of sites were compromised as a result of vBulletin-based attacks last year. vBulletin itself was hacked, whilst MacRumors and the Ubuntu forums were two of the most high-profile victims.
Are you a security expert? Try our quiz!
Thoma Bravo agrees to acquire Darktrace for $5.32 billion in cash, delivering some welcome news…
Customer adoption of AI services embedded in cloud services continues to deliver results for Microsoft,…
TikTok's 'secret source' algorithm is so core to ByteDance, it would rather shut down US…
After relocating from California to Texas in 2020, Oracle's Larry Ellison now reveals plan to…
Share price hit after Meta admits heavy AI spending plans, after posting strong first quarter…
For third time Google delays phase-out of third-party Chrome cookies after pushback from industry and…