A Linux Australia server hosting a conference attendee database was compromised after cybercriminals were able to gain root level access. Information taken related to the Linux Australia Conference for 2013, 2014 and 2015, along with PyCon Australia 2013 and 2014 – stolen data included names, email addresses, physical mailing addresses, phone numbers, and passwords.
Linux Australia insists that since attendees pay for conferences via a third party gateway, user’s payment card information was not disclosed in the breach.
Two days later however, upon further examination, the group’s administrative team was able to deduce that the server had fallen victim to a malicious attack. In response, developers suspended all non-admin accounts that interacted with the server.