The company that builds Ubuntu, a popular Linux distribution, has said its forums were hacked Thursday.
Canonical, which develops the operating system, said
in a statement on Friday that two million usernames, email addresses, and IP addresses associated with the Ubuntu Forums were taken by an unnamed attacker.
The attacker was able to exploit an SQL injection vulnerability in an add-on used by older vBulletin forum software.
That gave the attacker access to the forum's databases, but the company said that only limited user data was accessed and downloaded.
The statement stressed that no code or repository data was accessed, and the attacker couldn't write data to the database or gain shell access. The attacker also didn't gain access to any other Canonical or Ubuntu service.
