“the breach was made via wordpress. From there they got a www-data shell”
See The Linux Mint Blog Â» Blog Archive Â» Beware of hacked ISOs if you downloaded Linux Mint on February 20th!Linux Mint is still tiny compared to Debian and other older distros. Their tiny resources bit them recently with a compromise of the blog leading to misleading links to downloads. A day later, their server is still offline.
UPDATE See also, It looks like the forums were also compromised in the hack That’s what happens when bad guys are given control of everything.