It is unfortunate that such things occur, but occur they do (what with human nature being what it is). They announced the hack on their blog. I wish the Linux Mint folks the best in their recovery. No one deserves to have this happen to them.
Even so, such events are lessons for the rest of us in how to (or how not to) respond to a hack such as this. The Linux Mint folks were reasonably transparent about it, and let us know the risks to our own organizations.
Red Hat and the Fedora Project also suffered a hack just last week. Red Hat announced it in a security advisory, and Fedora announced it in the Infrastructure Report posted regularly to the Fedora Announce mailing list.
Again, transparency is the rule here, and both organizations responded quickly and cleanly.
Debian Linux was also not immune; however, their response was similar in both 2003 and 2006 when their CVS machine (gluck) was compromised. Both times they told the community exactly what was going on.
I also watch closely to see how they respond to the hack itself, how the machine was hacked, and so forth – to learn as much as I can so I can prevent it at my organization (or at least respond correctly).