This site (http://security.drupal.org) is used internally by the Drupal security team to coordinate their work, track issues and prepare security announcements. Here you can view the official list of Security Team members.
The Drupal.org Security Team and Infrastructure Team have discovered unauthorized access to account information on Drupal.org and groups.drupal.org. We have reset all user passwords on Drupal.org. See Important Security Update: Reset Your Drupal.org Password for more information. If you are a registered Drupal.org user, the email you should have received about this from Holly Ross, the Executive Director of the Drupal Association, is legitimate.