Modernizing Authentication — What It Takes to Transform Secure Access
Software company Opscode recently announced that a vulnerability in the third-party software that runs the company's Open Source Chef wiki and ticketing system was exploited to access the system. (h/t Softpedia).
The hacker or hackers then gained escalated privileges and downloaded the user database for the wiki and ticketing system. The database that was accessed contained users' full names, user names, e-mail addresses and hashed passwords.
"We believe these passwords are adequately secure (the software in question uses the PBKDF2 algorithm), but we will be forcing a password change on the ticketing and wiki systems," the company said in a statement. "If you use this password on other systems, we suggest choosing a new password on those systems as well."
The company says there's no evidence at this point that any other systems were impacted.