Canonical was immediately notified of the fact that someone claimed to have a copy of the Ubuntu Forums database. After some investigation, it appears that the forum’s database was indeed attacked at 20:33 UTC on July 14, 2016, by someone who injected certain formatted SQL to the database servers on the Ubuntu Forums. Canonical reports that the attacker managed to download parts of the ???user??? table that contained IP addresses, email addresses and usernames of over 2 million registered users. However, the attacker couldn’t access active passwords of the users as they are stored as random strings thanks to the Ubuntu Single Sign On (SSO) technology.