Mozilla accidentally leaks details of 76,000 developers
The company said the leak came to light 10 days ago when a data santisation process failed
Mozilla has revealed it accidentally leaked details of 76,000 developers, plus 4,000 encrypted passwords.
The company said the leak happened when it was carrying out a data sanitisation process of the Mozilla Developer Network (MDN) site database. The process failed, disclosing developer email addresses and passwords on a publicly available server.
A developer who noticed the leak discovered it had happened over a period of 30 days from June 23.
As soon as Mozilla was alerted, it removed the data dump and the process was disabled to prevent the process happening again, according to Stormy Peters, head of the firm's developer relations.
"While we have not been able to detect malicious activity on that server, we cannot be sure there wasn't any such access. We are known for our commitment to privacy and security, and we are deeply sorry for any inconvenience or concern this incident may cause you," Peters said in a blog post.
She explained that the passwords were salted hashes, meaning they were high-security and cannot be used alone to authenticate anything on the MDN.
Mozilla told users who were affected of the leak, advising those whose passwords were revealed to change them if they are used in places other than the MDN website.
The company said it will also look into how the leak happened and will put measures in place to prevent it happening again.
Last August, it was revealed the FBI managed to use a vulnerability in the Firefox browser to bring down a child pornography ring. Although this would seem a positive outcome, the vulnerability could have also been used by hackers to siphon off user data.
The case for a marketing content hub
Transform your digital marketing to deliver customer expectationsDownload now
Fast, flexible and compliant e-signatures for global businesses
Be at the forefront of digital transformation with electronic signaturesDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now
IT faces new security challenges in the wake of COVID-19
Beat the crisis by learning how to secure your networkDownload now