John Leyden reports:
Privacy-conscious users of the Tor anonymiser network have been urged to upgrade their software, following the discovery of a security breach.
Two of seven directory authorities and a metrics data server were compromised in a hack discovered earlier this month, Tor developer Roger Dingledine explains. The three servers were taken offline and refurbished following the hack.
[…]
Neither was the attack severe enough for the unidentified attackers to match up users to their destinations. Nor did it affect the Tor source code.
More details on the attack can be found in an FAQ posted by Dingledine here.
Read more in The Register.