Opscode Hacked

Software company Opscode recently announced that a vulnerability in the third-party software that runs the company’s Open Source Chef wiki and ticketing system was exploited to access the system. (h/t Softpedia).

The hacker or hackers then gained escalated privileges and downloaded the user database for the wiki and ticketing system. The database that was accessed contained users’ full names, user names, e-mail addresses and hashed passwords.

“We believe these passwords are adequately secure (the software in question uses the PBKDF2 algorithm), but we will be forcing a password change on the ticketing and wiki systems,” the company said in a statement. “If you use this password on other systems, we suggest choosing a new password on those systems as well.”

The company says there’s no evidence at this point that any other systems were impacted.

Jeff Goldman
Jeff Goldman
Jeff Goldman is an eSecurity Planet contributor.

Top Products

Related articles