Drupal.org Data Breach (2013)

A hacker or hackers exploited a vulnerability in a third-party software and used it to access accounts on drupal.org. The hackers were able to upload files to the association.drupal.org and compromised Drupal's serer. Accounts on groups.drupal.org may have also been exposed. Usernames, email addresses, hashed passwords, and country information may have been exposed.