Mozilla accidentally leaks details of 76,000 developers
The company said the leak came to light 10 days ago when a data santisation process failed
Mozilla has revealed it accidentally leaked details of 76,000 developers, plus 4,000 encrypted passwords.
The company said the leak happened when it was carrying out a data sanitisation process of the Mozilla Developer Network (MDN) site database. The process failed, disclosing developer email addresses and passwords on a publicly available server.
A developer who noticed the leak discovered it had happened over a period of 30 days from June 23.
As soon as Mozilla was alerted, it removed the data dump and the process was disabled to prevent the process happening again, according to Stormy Peters, head of the firm's developer relations.
"While we have not been able to detect malicious activity on that server, we cannot be sure there wasn't any such access. We are known for our commitment to privacy and security, and we are deeply sorry for any inconvenience or concern this incident may cause you," Peters said in a blog post.
She explained that the passwords were salted hashes, meaning they were high-security and cannot be used alone to authenticate anything on the MDN.
Mozilla told users who were affected of the leak, advising those whose passwords were revealed to change them if they are used in places other than the MDN website.
The company said it will also look into how the leak happened and will put measures in place to prevent it happening again.
Last August, it was revealed the FBI managed to use a vulnerability in the Firefox browser to bring down a child pornography ring. Although this would seem a positive outcome, the vulnerability could have also been used by hackers to siphon off user data.
Four strategies for building a hybrid workplace that works
All indications are that the future of work is hybrid, if it's not here alreadyFree webinar
The digital marketer’s guide to contextual insights and trends
How to use contextual intelligence to uncover new insights and inform strategiesFree Download
Ransomware and Microsoft 365 for business
What you need to know about reducing ransomware riskFree Download
Building a modern strategy for analytics and machine learning success
Turning into business valueFree Download