Mozilla accidentally leaks details of 76,000 developers

The company said the leak came to light 10 days ago when a data santisation process failed

Data breach

Mozilla has revealed it accidentally leaked details of 76,000 developers, plus 4,000 encrypted passwords.

The company said the leak happened when it was carrying out a data sanitisation process of the Mozilla Developer Network (MDN) site database. The process failed, disclosing developer email addresses and passwords on a publicly available server.

Advertisement - Article continues below

A developer who noticed the leak discovered it had happened over a period of 30 days from June 23.

As soon as Mozilla was alerted, it removed the data dump and the process was disabled to prevent the process happening again, according to Stormy Peters, head of the firm's developer relations.

"While we have not been able to detect malicious activity on that server, we cannot be sure there wasn't any such access. We are known for our commitment to privacy and security, and we are deeply sorry for any inconvenience or concern this incident may cause you," Peters said in a blog post. 

She explained that the passwords were salted hashes, meaning they were high-security and cannot be used alone to authenticate anything on the MDN.

Mozilla told users who were affected of the leak, advising those whose passwords were revealed to change them if they are used in places other than the MDN website.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

The company said it will also look into how the leak happened and will put measures in place to prevent it happening again.

Last August, it was revealed the FBI managed to use a vulnerability in the Firefox browser to bring down a child pornography ring. Although this would seem a positive outcome, the vulnerability could have also been used by hackers to siphon off user data.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/security/encryption/355820/k2view-innovates-in-data-management-with-new-encryption-patent
encryption

K2View innovates in data management with new encryption patent

28 May 2020
Visit/software/video-conferencing/355410/zoom-50-adds-256-bit-encryption-and-ui-refresh
video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020
Visit/security/hacking/355382/whatsapps-flaw-shoulder-surfing
hacking

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020
Visit/security/cyber-security/355368/microsoft-builds-ai-to-detect-security-flaws-with-99-accuracy
cyber security

Microsoft AI can detect security flaws with 99% accuracy

20 Apr 2020

Most Popular

Visit/server-storage/network-attached-storage-nas/355849/western-digital-sneaked-inferior-smr-tech-into
network attached storage (NAS)

Western Digital accused of sneaking inferior SMR tech into NAS drives

1 Jun 2020
Visit/security/data-breaches/355777/easyjet-faces-class-action-lawsuit-over-data-breach
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020
Visit/operating-systems/microsoft-windows/355812/microsoft-warns-against-installing-windows-10-may-2020
Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020