Canonical, the software company responsible for creating the Ubuntu Linux cohesion had their GitHub account hacked, which led to the formation of 11 new unoccupied repositories. An account belonging to Canonical which had its credentials compromised was used to gain access to the official Canonical GitHub account. Although investigations are still ongoing, it appears that this was merely an attempt at defacement rather than a supply-chain style attack. A Canonical spokesperson stated, “Canonical has removed the compromised account from the Canonical organization in GitHub and is still investigating the extent of the breach, but there is no indication at this point that any source code or PII was affected. Furthermore, the Launchpad infrastructure where the Ubuntu distribution is built and maintained is disconnected from GitHub, and there is also no indication that it has been affected.” Since investigations are still being carried out, few details have yet to be revealed, but the company plans to release a public update as soon as they have enough information.
While investigations are still ongoing, users should simply be cautious while using Ubuntu. If any suspicious activity is noticed, users should report it to Canonical as soon as possible.