Hack Strikes Feds In Drupal.org Community

Federal website managers registered on Drupal.org or Drupal Groups, the developer and community sites for the eponymous open source content management system, might have had their accounts compromised.

Officials at the Drupal Association, which operates the sites, said malicious software accessed user information stored on both websites, but Drupal coding and sites running the CMS are unaffected.

The data accessed includes profile information such as username, email address, country, encrypted password, and possibly other as-yet-undetermined details, officials said.