Unauthorized access to account information on Drupal.org and groups.drupal.org, discovered.

It is official since May 29, 2013, so according to holly.ross.drupal , this access was accomplished via third-party software installed on the Drupal.org server infrastructure, and was not the result of
vulnerability within Drupal itself.

However some essential information have been exposed including: usernames, email addresses, and country information, as well as hashed passwords.

As a precautionary measure, users have to reset their passwords at their next login attempt.

1.     Go to https://drupal.org/user/password

2.     Enter your username or email address.

3.     Check your email and follow the link to enter a new password.

Note: ‘’If you do not receive the e-mail within 15 minutes, make sure to check your spam folder as well.’’