AAPL Stock: 118.03 ( -0.85 )

Printed from

Mozilla warns of accidental disclosure of developer network database

updated 07:33 pm EDT, Wed August 6, 2014

About 76,000 email addresses, 4,000 encrypted passwords were publicly accessible

At the beginning of the month, Mozilla issued a release on its security blog that there had been an investigation into accidental disclosure of its database for the Mozilla Developer Network (MDN). The company discovered a problem after a web developer found out that the data sanitization process it runs on the MDN database had been failing. The result was that 76,000 email addresses of account holders, as well as the "passwords of about 4,000 users" were able to be accessed publicly.

Mozilla says that as soon as the discovery was made, the dump file for the database was removed. It's possible, however, that the damage could have already been done. The issue with the database sanitation first started on June 23, but it ended up going on for 30 days. While Mozilla couldn't find any proof of malicious activity on the server in question, it cannot say with certainty that nefarious parties didn't access the data.

"We are known for our commitment to privacy and security, and we are deeply sorry for any inconvenience or concern this incident may cause you," said Director of Developer Relations Stormy Peters, and Operations Security Manager Joe Stevensen, in the joint statement.

According to Mozilla, the encrypted passwords that any party could find were salted hashes that could no longer be used to access the MDN website. However, the company realizes that some parties could have reused their MDN passwords in other locations. Mozilla said it reached out to the people affected to recommend they change passwords, especially those that had emails and passwords exposed, in the chance that the encryption was cracked.

It took Mozilla a total of 10 days to conclude its investigation. The company said it would be looking into "the processes and principles" that it has in place, with the aim of reducing the chance that such a problem could arise in the future.

by MacNN Staff



Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented