Ubuntu Website Outage: Q&A on the Cyber Attack Affecting Canonical Services

On April 30, a sustained, cross-border cyber attack struck Canonical's online infrastructure, temporarily taking down the Ubuntu website, Snap Store, and Launchpad. While the company works to resolve the issue, many users have questions about what services are impacted and which remain operational. Below, we address the most common concerns surrounding this incident.

What exactly happened to Canonical's websites and services?

Canonical confirmed that its websites, including the main Ubuntu site, the Snap Store, and Launchpad, were hit by a sustained, cross-border attack starting around 6 PM UK time on April 30. The company described the incident as an ongoing, coordinated effort targeting its online presence. Engineers are actively working to mitigate the disruption and restore full functionality. This type of attack is designed to overwhelm servers with traffic, making resources temporarily inaccessible. While Canonical has not disclosed the specific nature of the attack (e.g., DDoS or other), the phrase “sustained, cross-border” suggests a large-scale, distributed assault originating from multiple countries.

Which Canonical services are currently affected?

As of the latest updates, the following services have experienced interruptions: the Ubuntu website, the Snap store, and Launchpad. These platforms are either completely inaccessible or loading very slowly. The main archive.ubuntu.com repository was also offline at the time of reporting, which could affect users directly fetching packages from that specific mirror. However, Canonical noted that other repositories and mirrors continue to function normally, so the overall package availability is not entirely blocked. It’s important to check the Ubuntu status page for real-time updates.

Are Ubuntu APT repositories still working?

Yes, the Ubuntu APT repositories remain operational for the most part. Canonical explained that these repositories are mirrored across multiple locations, countries, and servers, which provides redundancy. While the primary archive.ubuntu.com was offline during the attack, alternative mirrors are still functional. Users can configure their /etc/apt/sources.list to point to a different mirror, or simply wait for the primary to come back. This redundancy ensures that critical software updates and package installations can continue, though some users may experience slower downloads initially.

Can I still download Ubuntu ISO images?

Absolutely. The ability to download Ubuntu ISO images remains unaffected. Canonical noted that images are hosted on separate infrastructure and are not included in the targeted attack. You can still obtain the latest Ubuntu releases, including LTS versions and daily builds, via the official download page once it recovers, or through alternative sources like mirror sites. If the main website is down, try using a third-party mirror like releases.ubuntu.com (which may be unaffected) or torrent links provided by the community. This ensures that new installations are not disrupted.

What has Canonical said about the attack and its resolution?

Canonical acknowledged the attack shortly after it began, stating on its social media channels that they were “working to address” the issue and would provide more details soon. The company urged users to stay patient and follow official updates. As of the time of this Q&A, no further specifics about the perpetrator or the attack vector have been released. Canonical’s priority is restoring services while ensuring the integrity of user data and the Ubuntu ecosystem. They have not indicated any data breach, so the attack appears to be aimed at availability, not confidentiality.

How can I stay informed about service restoration?

For the latest updates, monitor Canonical’s official status page and their social media accounts. The company will likely post a full incident report once the attack is resolved. In the meantime, avoid using affected services if you encounter errors, and consider using alternative mirrors for APT packages or ISO downloads. The community forums are also a good source for workarounds shared by other users.