PCR Tech and IT retail, distribution and vendor news
Thousands of email addresses and passwords of Mozilla developers have been accidently exposed.
Mozilla officials have revealed that the breach occurred due to a database glitch, which published the records of 76,000 members of the Developer Network.
About 4,000 password hashes were published on a publicly accessible server, allegedly for a period of 30 days.
After Mozilla ran a failed data sanitisation process, the passwords were inadvertently revealed.
There is no indication that any private information was accessed, however, Mozilla officials investigating the disclosure cannot rule out the possibility.
Hackers who may have tried to crack the hashes would not have been able to access Mozilla Developer Network (MDN) accounts, however, they may have been able to access other accounts with the same password.
Stormy Peters, director of developer relations, and Joe Stevensen, operations security manager at Mozilla, wrote in a statement: “We are known for our commitment to privacy and security, and we are deeply sorry for any inconvenience or concern this incident may cause you.
“The encrypted passwords were salted hashes and they by themselves cannot be used to authenticate with the MDN website today. We’ve sent notices to the users who were affected.”
