Yeah, I know about that. Certainly, not a proud moment in Mint's history, but it got resolved quickly. But I'm not going to rule out Mint just because they got hacked once. kernel.org got hacked, after all.
They basically had no effort in their security, no idea how long they were compromised, and couldnt even respond effectively. I was a big fan of Mint usability who reluctantly had to ditch it.
These are the statements of the security people here that were going tgrough the data. The level of severity and recovery time supported thrur claims a bit.
> no idea how long they were compromised, and couldnt even respond effectively.
The hacked .iso was up for less than 24 hrs, so that puts a hard limit on the worst part of the compromise. The forum issues they fixed in a couple of days. This seems like a reasonably effective response to me.
> I was a big fan of Mint usability who reluctantly had to ditch it.
Did you really have to ditch it? Or did you just decide to go with a distro that emphasizes security over convenience? (Which is, of course, a completely reasonable thing to do, but others may make other (also reasonable) choices.)
So... The ultimate source of the breach was an exceedingly weak password? OK, I guess that does seem like a rookie mistake, which is worrisome. Sorry for the naive questions, and I apologize for my confrontational tone. But I really had read most of the referenced articles about the Mint hack (not that last one you linked to), and it was still not obvious to me that this was (apparently) incontrovertible evidence of total incompetence on the part of the Mint devs.
Also, is ryanlol a well-known hacker or something? (I had never heard of him.)
You are failing to read the "thoroughly discussion", the hack was just the tip of the iceberg.
Also, kernel.org was hacked because a rootkit gained access to their servers, not because they used a weak password like `upMint`, so you shouldn't compare both incidents.