- Where should you place your ads?Posted 11 months ago
- 7 Shocking Internet Trends & StatsPosted 1 year ago
- 10 SEO Copyrighting Tips for 2013Posted 1 year ago
- The Perfect Posts for Social MediaPosted 1 year ago
- Google Denies Involvement in PRISMPosted 1 year ago
- So you’re a Web Designer and got your first job! How much should you charge?Posted 1 year ago
- No More Yahoo Mail Classic, New Version Scans E-MailsPosted 1 year ago
- Drupal Users Urged to Change Their PasswordsPosted 1 year ago
- Opera Launches Opera Next Chromium-Based BrowserPosted 1 year ago
- Web Design Facts in 2013Posted 1 year ago
Drupal Users Urged to Change Their Passwords
Today Drupal Association Executive Director Holly Ross sent out a massive email to all drupal.org users urging them to change their passwords as a precautionary measure against a recent security incident.
Drupal.org’s security and infrastructure teams discovered unauthorized access to sensitive user account information including, email address, usernames, country information and hashed passwords.
Additional security measures have already been implemented to prevent this type of attack from happening again. Members logging in will be required to change their password.
Holly Ross stated in her email
This unauthorized access was made via third-party software installed on the Drupal.org server infrastructure, and was not the result of a vulnerability within the Drupal software itself. This notice applies specifically to user account data stored on Drupal.org and groups.drupal.org, and not to sites running Drupal generally.
Here are a few simple steps that are being recommended when creating a new password:
- Do not use passwords that are simple words or phrases
- Never use the same password on multiple sites or services
- Use different types of characters in your password (uppercase letters, lowercase letters, numbers, and symbols).
They are also recommending that you change your password on any sites where you may use the same username, or password.
For more information, please review the security announcement and FAQ at https://drupal.org/news/