Of course, one perfectly likely explanation for the hack is clear from Canonical’s mea culpa letter: for the personally identifiable information (PII) that it yielded.
Unfortunately the attackers have gotten every user’s local username, password, and email address from the Ubuntu Forums database.
With close to 2 million signed-up members, that could mean a lot more spam for a lot of people.
And for those who have chosen poor passwords, the stolen password database could mean worse than that.