Menu
Linux Australia breached, personal details leaked

Linux Australia breached, personal details leaked

The group is advising conference attendees to change their passwords

The open-source and free software user group Linux Australia said personal information for attendees of two conferences it hosts may have been leaked after malware was found on one of its servers.

The information may have included first and last names, postal and email addresses, phone numbers and hashed passwords, wrote Joshua Hesketh, Linux Australia's president, on a message board. Financial data was not affected, he wrote.

The breach affects those who registered for the group's Linux conference over the last three years and for python programming conference Pycon Australia in 2013 and 2014, he wrote. Attendee data for those conferences was held on the compromised server.

Although there aren't indications that information was removed from the server, those affected are advised to change the password they used to register, especially if the same one is used on other websites.

Linux Australia discovered the breach on March 24 after it noticed conference management software it uses called Zookeepr started sending a large number of error reporting emails, Hesketh wrote. A server had been attacked two days prior.

"It is the assessment of Linux Australia that the individual utilized a currently unknown vulnerability to trigger a remote buffer overflow and gain root level access to the server," Hesketh wrote.

The attacker installed a remote access tool and then botnet command and control software.

Linux Australia has decommissioned the infected server and strengthened security on the new one. Hesketh wrote that the new server will have "a far more rigorous operating schedule applied to it." A log analysis tool has also been installed.

Websites for the conferences will in the future be archived six months after a conference concludes and then kept on a separate server and deleted from Zookeepr, Hesketh wrote.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Linux Australiasecuritydata breachExploits / vulnerabilitiesmalware

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments