Drupal.org Hacked

Jun 03, 2013

Security breached at home sites of the CMS project.

The Drupal project has announced a security breach that has compromised usernames, contact information, and hashed passwords for possibly millions of users. Drupal is a popular open source Content Management System (CMS) used for building and managing websites. The Drupal project also hosts user websites at <U>drupal.org<U> and <U>groups.drupal.org<U>. The breach affected the sites hosted by Drupal but did not affect other sites running the Drupal CMS.  
 
According to a statement by the Drupal security team, "This access was accomplished via third-party software installed on the Drupal.org server infrastructure and was not the result of a vulnerability within Drupal itself." Accounts at the affected websites are set to prompt users to reset their passwords at the next login. Users are encouraged to log in as soon as possible to reset their passwords.  

Related content

comments powered by Disqus

Issue 162/2014

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)

News