I am seriously late for the party of “OMG!”

The splash page reads:

2013-07-20 2011UTC: Reports of defacement
2013-07-20 2015UTC: Site taken down, this splash page put in place while investigation continu

And now is 2013-07-22T10:05:46Z, I only got this news via a thread on Arch Linux more than one day later. What is the damage exactly?

Unfortunately the attackers have gotten every user‘s local username, password, and email address from the Ubuntu Forums database.

[emphasis mine]

Oh, I see. Why don’t you just say everything and what does local username mean? Like the username? Nonetheless, only 1.8 million accounts in total on Ubuntu Forums? I really thought Ubuntu have much more than that number.

Anyway, I thought this was none of my business since I don’t use Ubuntu, even I did try it a few years back, I didn’t think I have an account.

Wrong! I did register five years and six months ago after I searched “ubuntu forums” in Gmail. This how I remember if I have an account on a website.

‘Why did you register?’ I asked myself. But I should be fine, since I couldn’t even remember the password for Ubuntu Forums. Username and email address? Nah, it’s okay, the hacker can have them, just like 99.999% of spammers in this world have already had those.

My favorite part of this incident is from this post:

The site was running vBulletin and according to some sources, it was outdated and didn’t have the admin panel protected.

I don’t know vBulletin, does no protection mean typing in the URL and I’ve Got the Power!?

Outdated, you gotta love this word if you are a hacker. I’d even bet all of my money that it’s the favorite word of those people’s.

Poor Ubuntu, but no worries. Recently, I learned Ubuntu is planning to push its own display server Mir to replace X Window. Next year, Ubuntu would replace vBulletin with their newly developed forums software uBulletins, where “s” means secured.

By the way, dear hacker, Could you BCC me my password for the forums, once you crack the passwords?