Firefox maker Mozilla has admitted it accidentally exposed the email addresses of almost 80,000 members of its Developer Network, along with thousands of encrypted passwords.
A Mozilla developer discovered the incident around two weeks ago, according to a new blog post by operations security manager Joe Stevensen and developer relations director Stormy Peters.
“Starting on about June 23, for a period of 30 days, a data sanitization process of the Mozilla Developer Network (MDN) site database had been failing, resulting in the accidental disclosure of MDN email addresses of about 76,000 users and encrypted passwords of about 4,000 users on a publicly accessible server,” they explained.
“As soon as we learned of it, the database dump file was removed from the server immediately, and the process that generates the dump was disabled to prevent further disclosure. While we have not been able to detect malicious activity on that server, we cannot be sure there wasn’t any such access.”
The encrypted passwords were salted hashes and they can’t be used on their own in the event that attackers have got hold of them to log-in to the site, Mozilla said.
However, MDN users re-using their passwords on other sites were warned to change these credentials immediately.
This article has been extracted from http://www.infosecurity-magazine.com/, please click on this link to read the article in full
Montash is a multi-award winning, global IT recruitment business. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions, including:
ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy & Technologies, Demand IT and Business Engagement, Digital and E-commerce, Leadership Talent, Infrastructure and Service Delivery, Project and Programme Delivery.
Montash is headquartered in Old Street, London, in the heart of the technology hub. Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid management in permanent and contract roles.