The canonical Security is once again under questionable notice. The forum has been hacked thrice on different occasions. In July 2013, details of 1.82 Million users were stolen by hackers followed by the second hacking where 2 million users data were stolen in July 2016 and in July 2019, the Github account of Canonical limited has been hacked.
This company works behind the distribution of Ubuntu Linux and was hacked on July 6th, 2019. The Security team accepted that the Canonical owned account on Github was compromised on credentials and was used to create disturbance and issues among other activities. Though the company has removed the account from the organization in Github, it is still working on checking out the breach. The company believes that the source code or PII was affected in any way.
A report at the ZDNet states that The Ubuntu Security Team has plans to publish another update publicly when it gets done with the proper investigation into the matter and carries out the cause, effect, and recovery of the account information.
Another report stated that the hacker created 11 new Github repositories in the official Canonical account but the account repositories were blank. Two days before the incident took place, Bad Packets- a cybersecurity firm detected internet-wide scan for Git files that determined Configurational activities. These files manage the codes on Github.com and have all essential credentials for the Git accounts.
Another deadly incident happened back in 2018 when a malicious Ubuntu Package consisting of cryptocurrency miner was detected on the official Ubuntu store.
Similar situations were encountered by Linux Mint in February 2016 and Gentoo Linux Distro in June 2018. The codes were poisoned by OS version containing a backdoor. This 2019 incident could only be a threat to the company. If looking through a different glass, this appears as exposure of the vulnerabilities of Canonical and the sensitivity of users information in it.
Most of the companies have encountered such vulnerabilities prior to a major data theft attack. Hopefully, this is not the case with Canonical. The Ubuntu Security Team has been put on toes to work harder to ensure that every data of the company irrespective of its major or minor relevance to the company should be kept safe. The major trick is with codes running on the organization which should not get exposed to attract hackers.