- Where should you place your ads?Posted 6 months ago
- 7 Shocking Internet Trends & StatsPosted 7 months ago
- 10 SEO Copyrighting Tips for 2013Posted 8 months ago
- The Perfect Posts for Social MediaPosted 9 months ago
- Google Denies Involvement in PRISMPosted 9 months ago
- So you’re a Web Designer and got your first job! How much should you charge?Posted 9 months ago
- No More Yahoo Mail Classic, New Version Scans E-MailsPosted 9 months ago
- Drupal Users Urged to Change Their PasswordsPosted 9 months ago
- Opera Launches Opera Next Chromium-Based BrowserPosted 9 months ago
- Web Design Facts in 2013Posted 10 months ago
Drupal Users Urged to Change Their Passwords
Today Drupal Association Executive Director Holly Ross sent out a massive email to all drupal.org users urging them to change their passwords as a precautionary measure against a recent security incident.
Drupal.org’s security and infrastructure teams discovered unauthorized access to sensitive user account information including, email address, usernames, country information and hashed passwords.
Additional security measures have already been implemented to prevent this type of attack from happening again. Members logging in will be required to change their password.
Holly Ross stated in her email
This unauthorized access was made via third-party software installed on the Drupal.org server infrastructure, and was not the result of a vulnerability within the Drupal software itself. This notice applies specifically to user account data stored on Drupal.org and groups.drupal.org, and not to sites running Drupal generally.
Here are a few simple steps that are being recommended when creating a new password:
- Do not use passwords that are simple words or phrases
- Never use the same password on multiple sites or services
- Use different types of characters in your password (uppercase letters, lowercase letters, numbers, and symbols).
They are also recommending that you change your password on any sites where you may use the same username, or password.
For more information, please review the security announcement and FAQ at https://drupal.org/news/