Apple and Ubuntu breached by hackers - personal data feared stolen

Two million Ubuntu forum members' details stolen, while Apple admits developer hack too

Hackers have exposed the details of almost two million Ubuntu users and have also potentially stolen data from Apple in two separate cyber attacks that took place within days of one another.

The Ubuntu forum - home to 1.8 million users of the open source operating system - was closed on Saturday after the website's homepage was defaced with an image of a penguin holding a gun and the phrase "None of this 'y3w g0t haxd by albani4 c3bir 4rmy' stuff. Straight up, you dun goofed. It's as simple as that".

Canonical, the company responsible for Ubuntu, immediately responded by taking the forums offline to close the breach, but admitted that the hackers had got hold of usernames, passwords and email addresses.

"While the passwords were not stored in plain text, good practice dictates that users should assume the passwords have been accessed and change them. If users used the same password on other services they should immediately change that password," Ubuntu CEO Jane Silber warned in a blog post.

"We are continuing to investigate exactly how the attackers were able to gain access and are working with the software providers to address that issue. Once the investigation is concluded we will provide as much detail as we safely can," she added.

As of Monday morning, the Ubuntu forums remain down as the breach continues to be investigated.

Meanwhile, Apple's site for developers was also closed on Sunday following a security breach, with the iPhone and iPad manufacturer unable to guarantee that data wasn't accessed.

In a statement, Apple said:

"Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website.

"Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers' names, mailing addresses, and/or email addresses may have been accessed.

"In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.

"In order to prevent a security threat like this from happening again, we're completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon."

Ibrahim Balic, an Israeli security researcher, has claimed responsibility for the security breach in a YouTube video, but argues that it isn't a malicious attack, but a way of demonstrating how Apple is leaking user data.