I've just gotten an eMail from the boards to change my password anywhere in the net where I might have used the same one as on the Mint boards and wonder why it came so late:
https://forums.linuxmint.com/viewtopic.php?f=143&t=217298

It's actually an older new already. Last week maybe? http://www.ghacks.net/2016/02/21/linux-mint-hacked-iso-images-compromised/

But why even use Mint? Debian is easy-peasy. Fedora is awesome and better in everything :)

Yes, i pointed this out a couple of weeks back. It only affected images downloaded on that specific Saturday as the site went down rapidly after that. But forum details and such like were also stolen. Good time to update all your passwords (as you would be doing that for the start of a new month anyways :o)

I received that email too yesterday.

When I registered there I though:
- ok, this place is safe, so I'll add my real email.
- it's just a simple forum, so I'll reuse a pw.

Great -_-

debian gave me nothing but a black screen a while ago, i was too lazy to look for a solution when mint just worked.

Probably driver issue. Debian doesnt use proprietary and closed blobs by default (unless you enable repos)

Nowhere is truly "safe"... also see: https://haveibeenpwned.com/ Neither does Mint AFAIK- if you want to use the proprietary graphics drivers you need to install them yourself, anyway.

I'm just getting some spam and I've already changed a few passwords.
Nothing dangerous, but slightly annoying.
("pwned".. that site seems even less secure lol)

I got the email too. It is good that they pointed out to users that if they are using the same email + password combination on some other site, it would be better to change the password (on those other sites).

I figured that out already before, and changed my password on one service where I recalled having used the same password with the same email. Stupid of me to use a shared password on that service anyway.

This is also the way I presume at least most GOG accounts, that people reported as hacked, were cracked: people had used the same email and password on some other site or forum, which got compromised, just like the Mint forums now. Then they try the same email + password on various other sites and services...

Yeah two-step verification can prevent that, but I really hate having to perform the email verification code check each and every time I want to log in the the Humble Bundle site (because I automatically erase any offline data and cookies from my browser when I close it).

I wish they'd let me limit those two-step verifications only to if some asshat is trying to change either the password, or the email addresss, on my Humble Bundle account. No need to check it each and every damn time I just want to log in from a new browser (or my existing browser with cleared cookies). Enough is enough.

Because Debian isn't a word. Fedoras went out in the 40s. And Mint leaves your breath fresh.

How reliable/accurate is that site supposed to be? Because I checked an email address I used to use only at a certain place, and haven't used in ages, and it said that it was part of the Adobe 2013 big breach - funny thing is that I don't even have an Adobe account. That's a pretty dangerous way of thinking.

It correctly showed the Mint hack for the connected address, how do they do that?
Another eMail-address had an entry for a hack of nexusmods.com. -.-

you just got an email about this?

this looks worse and worse for them.

this was news a week or so ago, and it seems that they had known about the forum being breached since January.

So after a website breach all the compromised eMail-addresses are made available to the public?!