09 Jan 2014

Some 80,000 Emails Compromised in Forum Data Breach

The openSUSE forums have been defaced, leaving account information of thousands of users vulnerable, according to The Hacker News.

A Pakistani hacker called 'H4x0r HuSsY managed to exploit a vulnerability in the forums software “that allows him to browse, read or write/overwrite any file on the Forum server without root privileges.”

It seems the hacker also gained access to the user database yet promised not to make the information public. The attack is meant to demonstrate the systems security flaws.

openSUSE confirmed the breach via its Twitter account and blog in a brief warning to customers: “Passwords: Safe! Emails: Not so much.”

“Credentials for your openSUSE login are not saved in our application databases as we use a single-sign-on system (Access Manager from NetIQ) for all our services,” the OS provider said. “This is a completely separate system and it has not been compromised by this crack.”

The projects representatives have decided to leave the forums offline until a solution is found.

openSUSE is a general-purpose operating system built on top of the Linux kernel, developed by the community-supported openSUSE Project.