There's a high S/N ratio on the debian-user mailing list but it seems that 4-5 servers have been compromised in the Debian network. At this time it does not appear that any deb packages have been affected. But Debian is recommending you delay any package upgrades for the time being.