On or around August 12 the servers used to maintain and distribute the Linux operating system were compromised.

No one noticed for over two weeks allowing malware to fill those servers accessed through kernel.org. Since then kernel.org has been down for maintenance as site administrators try to understand how the attack was possible and what damage it did.

Now it seems the breach has extended beyond kernel.org, Geek.com reports.

On September 8 a new breach was discovered across The Linux Foundation‘s group of sites. That includes LinuxFoundation.com and Linux.com, and any subdomains those sites run.

The breach is thought to have compromised usernames, email addresses, passwords, and any personal information stored with the account. The advice being given is to check the password that was used with that account is not being used for other logins in use. If it is, then the password for those accounts should be immediately changed.