Attacks on passwords, security and privacy are becoming bolder and stronger. Recently, Sourceforge.net had warned its users of a possible attack on their passwords with a blog post.
Although, the blog is down now as they are carrying out database maintenance, we can still show you the email via Sathyajit that says,
We recently experienced a directed attack on SourceForge infrastructure
(http://sourceforge.net/blog/sourceforge-net-attack/) and so we are
resetting all passwords in the sf.net database — just in case. We’re
e-mailing all sf.net registered account holders to let you know about this
change to your account.
Our investigation uncovered evidence of password sniffing attempts. We have
no evidence to suggest that your password has been compromised. But, what
we definitely don’t want is to find out in 2 months that passwords were
compromised and we didn’t take action.
So, as a proactive measure we’ve invalidated your SourceForge.net account
password. To access the site again, you’ll need to go through the email
recovery process and choose a shiny new password:
If you need help with this, feel free to e-mail us:
We appreciate your patience with us as we work to respond to this attack.
We’ll be working through the weekend to get things back to normal as
quickly as possible.
Watch for updates on the service outages on our blog:
The SourceForge Team
As a failsafe method, we should reset our passwords at major websites like Google and other developer networks regularly. This can work well towards keeping you safe. You can check the Sourceforge blog for details once the page is back up.