USERS of Linux who subscribe to the online forums of popular strain Ubuntu have been urged to change their passwords after hackers stole up to 1.82 million user names and passwords.
This especially applies to Linux users who use the same passwords on other sites, Ubuntu says.
"You are receiving this message because you have an account registered with this address on ubuntuforums.org," a Linux email to users says.
"The Ubuntu forums software was compromised by an external attacker. As a result, the attacker has gained access to read your username, email address and an encrypted copy of your password from the forum database," the email said.
The email warns that hackers may use passwords they decipher to login to other sites and build up identity profiles of Linux users.
"If you have used this password and email address to authenticate at any other website, you are urged to reset the password on those accounts immediately as the attacker may be able to use the compromised personal information to access these other accounts," it said.
"It is important to have a distinct password for different accounts."
The Canonical system administrators that manage the forums said the ubuntuforums.org website remained offline and they were working to restore this service.
The revelations came as Apple reported that user personal information may have been stolen after its developers' site was hacked last week.
A message on the Ubuntu forums website said "unfortunately the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database".
"The passwords are not stored in plain text, they are stored as salted hashes. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP," the website said.
"Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach."
The hacking event is understood to have taken place on Saturday.
