I have a question. They note they have notified officials. I've tried notifying the FBI after our sites have been hacked, but they are not interested in it. Is there some other place to report? Does anyone really investigate this stuff?
From a global security standpoint, kernel.org is an important site. Hacking the authoritative source for the linux kernel has serious implications for anyone who runs linux, which is lots of people probably including law enforcement.
Note that, as mentioned on the site, actually doing this is much harder than simply rooting the servers.
It's useful to make a report as soon as you notice something wrong, even if they don't do anything right away. If it turns out to be more serious than you (or they) first thought, it's nice to have a timestamp on a detailed report from when things first looked funny.
Not unless there's a ton of money involved or some important asset is at risk. This type of thing happens much more frequently than they can manage so they prioritize by severity.
I don't know what it's like in the US, but in my home country you're supposed to report it to the police -- just like you report the burglary or mugging.
