Skip to main content

Fedora Investigates Server Breach

The Fedora Project's servers were compromised last weekend, after a hacker gained access to a contributors online account.

In a blog post, the Fedora Project's Jared K.Smith explained that a Fedora contributor received an email informing of changes made to account credentials, despite not making any changes himself.

The account holder then contacted the Fedora infrastructure team, reporting a breach of his account. It was revealed that the account had been broken into, although the hacker had done nothing to harm the Fedora infrastructure.

Staff explained that the account had been compromised externally and not due to a vulnerability on the platform.

“While the user in question had the ability to commit to Fedora SCM, the Infrastructure Team does not believe that the compromised account was used to do this, or cause any builds or updates in the Fedora build system. The Infrastructure Team believes that Fedora users are in no way threatened by this security breach and we have found no evidence that the compromise extended beyond this single account,” Smith said in a statement.