Iain Thomson reports:
Opscode, the commercial side of the open source Chef configuration management tool beloved by Google, Facebook, and IBM, has warned customers that a flaw in an unnamed third-party application has left its wiki and ticketing system pwned.
“The attacker gained escalated privileges and downloaded the user database for the wiki and ticketing system,” the company said in a blog post on Thursday. “The user database that was accessed contained usernames, email addresses, full names, and hashed passwords.”
Read more on The Register.