Major Cyberattack Disrupts Canonical Services: Ubuntu Website, Snap Store, and Launchpad Affected

Overview of the Incident

On April 30, 2025, Canonical, the company behind Ubuntu, announced that its online infrastructure was under a sustained, cross-border cyberattack. The attack began around 6:00 PM UK time and has caused significant disruptions to several key services. Users attempting to access the official Ubuntu website, the Snap Store, or the Launchpad platform have encountered errors or complete unavailability. Canonical acknowledged the issue via a brief statement, confirming that their teams are actively working to mitigate the attack and restore normal operations.

Which Services Are Affected?

The following Canonical services have been confirmed as inaccessible or degraded:

• Ubuntu.com – The official website for Ubuntu, including documentation, downloads, and community resources.
• Snap Store – The primary repository for Snap packages, widely used for software installation on Ubuntu and other Linux distributions.
• Launchpad – Canonical’s platform for open-source development, bug tracking, and code hosting.

These outages have impacted both end-users and developers who rely on these platforms for daily tasks. The attack appears to be deliberately targeted at Canonical’s core web presence, though the exact nature of the attack (DDoS, infiltration, etc.) has not been disclosed.

What Still Works?

Despite the widespread disruption, critical backend infrastructure remains operational thanks to redundant architecture:

APT Package Repositories

Ubuntu’s Advanced Package Tool (APT) repositories are not fully offline. Because these repositories are mirrored across numerous servers in multiple countries, most users can still install and update packages via the command line. However, the main primary repository at archive.ubuntu.com is currently unreachable. Canonical advises users to rely on local mirrors or region-specific servers, which continue to function normally.

Ubuntu ISO Image Downloads

In a relief for users needing fresh installations, official Ubuntu ISO images remain available for download. The images are hosted on a separate, distributed content delivery network that was not impacted by the attack. This ensures that new users can still get Ubuntu up and running without interruption.

Canonical’s Response

In a short statement released through their status channels, Canonical said: “We are aware of a sustained, cross-border attack affecting our websites and services. Our teams are working to address the issue and will provide more details shortly.” The company has not yet confirmed the method of attack or whether any data has been compromised. Given the targeted nature of the disruption, security experts speculate this could be a sophisticated DDoS campaign aimed at causing maximum inconvenience.

What Should Users Do?

For most Ubuntu users, the impact is limited to web-based services. Here’s a quick guide:

• Software updates: Use sudo apt update and sudo apt upgrade. If you encounter issues, switch to a mirror by editing /etc/apt/sources.list to point to a mirror like us.archive.ubuntu.com or a local country mirror.
• Snap packages: If you rely on Snap Store, you may see errors installing or updating snaps. Consider using Flatpak or AppImage alternatives temporarily, or wait for service restoration.
• Developer tools: Launchpad users should use alternative version control hosting (GitHub, GitLab) for critical pushes until the platform is restored.
• Monitoring: Check Canonical’s status page for real-time updates on service recovery.

Conclusion

This attack represents one of the most significant disruptions to Canonical’s online services in recent memory. While the company works behind the scenes to neutralize the threat and restore full functionality, the resilience of their mirrored repositories ensures that the core Ubuntu operating system remains usable. Users are advised to stay patient and rely on alternative methods where possible. As more information emerges, we will update this article with confirmed details about the attack’s origin and Canonical’s long-term mitigation strategies.