Mageia passwords hacked!

[viking60]

The Mageia project is experiencing a security problem:

The LDAP database has been hacked so the attacker has published the emails Names and also password hashes for all uses registered om https://identity.mageia.org

That may also include my identities there

The project has reacted by resetting all passwords.

This would mean that you cannot log in at Mageia anymore and must change/reset your password over there too.

The exciting part would be how this could happen....and nobody has a clue!

The very configuration of LDAP servers should prevent stuff like this.

So if you use your Mageia password here - CHANGE IT! ..and do the same on every other forum where you are using your Mageia password.

More here

[R_Head]

How this happen? I thought the Mageia developers were smarter. Could it be an inside job?

[viking60]

It is hard to say.

Maby someone exploited the CPU flaw from Intel that has been around for 6 months before anybody cared to inform about it

In that case there is no way of telling and the Mageia people can be smart as hell...and stll have no way of discovering it...

Computing has simply become unsafe due to crappy hardware...and that is not Mageias fault.

If it is something else then it should not have happened in the first place or someone really must have fubared the server configuration.

There is no way for us to know...

It will be interesting to see what the Mageia gurus come up with, because there must be an explanation at some point. My data are compromised by Mageia servers - and I want to know what happened (If it is possible).

[dedanna1029]

"My data are compromised by Mageia servers - and I want to know what happened (If it is possible)."

There is a solution to that. Don't give any site any data to compromise...

[R_Head]

Amen to that K