SourceForge.net Resets All User Passwords in Wake of a Sniffing Attempt

Attacks on passwords, security and privacy are becoming bolder and stronger. Recently, Sourceforge.net had warned its users of a possible attack on their passwords with a blog post.

sourceforge-down

Although, the blog is down now as they are carrying out database maintenance, we can still show you the email via Sathyajit that says,

Hello,

We recently experienced a directed attack on SourceForge infrastructure
(http://sourceforge.net/blog/sourceforge-net-attack/) and so we are
resetting all passwords in the sf.net database — just in case. We’re
e-mailing all sf.net registered account holders to let you know about this
change to your account.

Our investigation uncovered evidence of password sniffing attempts. We have
no evidence to suggest that your password has been compromised. But, what
we definitely don’t want is to find out in 2 months that passwords were
compromised and we didn’t take action.

So, as a proactive measure we’ve invalidated your SourceForge.net account
password. To access the site again, you’ll need to go through the email
recovery process and choose a shiny new password:

https://sourceforge.net/account/registration/recover.php

If you need help with this, feel free to e-mail us:

[email protected]

We appreciate your patience with us as we work to respond to this attack.
We’ll be working through the weekend to get things back to normal as
quickly as possible.

Watch for updates on the service outages on our blog:

http://sourceforge.net/blog/

Thank you,

The SourceForge Team

Given the last fiasco at Gawker media and Mozilla, we sure have to wake up and stop using MD5.

As a failsafe method, we should reset our passwords at major websites like Google and other developer networks regularly. This can work well towards keeping you safe. You can check the Sourceforge blog for details once the page is back up.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>