Ubuntu forum is hacked by sqli attack

There is always a debate between Linux and Windows operating systems . Which is the best? Which is the safest? And in fact, in the latter case, it could be said that yes in favor of Linux, but this time we are not going to talk about the system but about a fact that happened a few days ago in the Canonical forums, those in charge of Ubuntu.

They access the database and download 2 million data

A few days ago the Canonical discussion forums received an SQLi attack (SQL injection), in which a hacker managed to access the entire database of the entire forum, compromising user data, IP addresses, emails and other information.

According to Canonical Vice President Jane Silber, the problem has already been fixed by patching the security hole and that users' passwords to access the forum have not been compromised due to strong hash encryption. The hacker (s) were able to access partial information from the user table and downloaded about 2 million pieces of data.

IP addresses, emails and other data exposed from the Ubuntu forums

SQLi is a fairly old method of penetration for systems, where the database is violated by injecting malicious SQL, even today this method is still effective in places where security is somewhat precarious.

For now Canonical has been able to fix this security flaw but they have not commented on what measures they will take to protect users from new attacks more sophisticated than this. Luckily, the Ubuntu operating system is much more secure than its discussion boards.