Drupal.org Hacked

Jun 03, 2013

Security breached at home sites of the CMS project.

The Drupal project has announced a security breach that has compromised usernames, contact information, and hashed passwords for possibly millions of users. Drupal is a popular open source Content Management System (CMS) used for building and managing websites. The Drupal project also hosts user websites at <U>drupal.org<U> and <U>groups.drupal.org<U>. The breach affected the sites hosted by Drupal but did not affect other sites running the Drupal CMS.  
According to a statement by the Drupal security team, "This access was accomplished via third-party software installed on the Drupal.org server infrastructure and was not the result of a vulnerability within Drupal itself." Accounts at the affected websites are set to prompt users to reset their passwords at the next login. Users are encouraged to log in as soon as possible to reset their passwords.  

Related content

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More