AAPL Stock: 111.66 ( + 2.16 )

Printed from

Mozilla warns of accidental disclosure of developer network database

updated 07:33 pm EDT, Wed August 6, 2014

About 76,000 email addresses, 4,000 encrypted passwords were publicly accessible

At the beginning of the month, Mozilla issued a release on its security blog that there had been an investigation into accidental disclosure of its database for the Mozilla Developer Network (MDN). The company discovered a problem after a web developer found out that the data sanitization process it runs on the MDN database had been failing. The result was that 76,000 email addresses of account holders, as well as the "passwords of about 4,000 users" were able to be accessed publicly.

Mozilla says that as soon as the discovery was made, the dump file for the database was removed. It's possible, however, that the damage could have already been done. The issue with the database sanitation first started on June 23, but it ended up going on for 30 days. While Mozilla couldn't find any proof of malicious activity on the server in question, it cannot say with certainty that nefarious parties didn't access the data.

"We are known for our commitment to privacy and security, and we are deeply sorry for any inconvenience or concern this incident may cause you," said Director of Developer Relations Stormy Peters, and Operations Security Manager Joe Stevensen, in the joint statement.

According to Mozilla, the encrypted passwords that any party could find were salted hashes that could no longer be used to access the MDN website. However, the company realizes that some parties could have reused their MDN passwords in other locations. Mozilla said it reached out to the people affected to recommend they change passwords, especially those that had emails and passwords exposed, in the chance that the encryption was cracked.

It took Mozilla a total of 10 days to conclude its investigation. The company said it would be looking into "the processes and principles" that it has in place, with the aim of reducing the chance that such a problem could arise in the future.

by MacNN Staff



Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Polk Hinge Wireless headphones

Polk, a company well-established in the audio market, recently released a new set of headphones aimed at the lifestyle market. The Hin ...

Blue Yeti Studio

Despite being very familiar with Blue Microphones' lower-end products -- we've long recommended the company's Snowball line of mics ...

ZTE Spro 2 Smart Projector

Home theaters are becoming more and more accessible these days, but maybe you've been a bit wary about buying a home projector. And h ...


Most Commented