Printed from http://www.electronista.com

Mozilla warns of accidental disclosure of developer network database

updated 07:33 pm EDT, Wed August 6, 2014

About 76,000 email addresses, 4,000 encrypted passwords were publicly accessible

At the beginning of the month, Mozilla issued a release on its security blog that there had been an investigation into accidental disclosure of its database for the Mozilla Developer Network (MDN). The company discovered a problem after a web developer found out that the data sanitization process it runs on the MDN database had been failing. The result was that 76,000 email addresses of account holders, as well as the "passwords of about 4,000 users" were able to be accessed publicly.

Mozilla says that as soon as the discovery was made, the dump file for the database was removed. It's possible, however, that the damage could have already been done. The issue with the database sanitation first started on June 23, but it ended up going on for 30 days. While Mozilla couldn't find any proof of malicious activity on the server in question, it cannot say with certainty that nefarious parties didn't access the data.

"We are known for our commitment to privacy and security, and we are deeply sorry for any inconvenience or concern this incident may cause you," said Director of Developer Relations Stormy Peters, and Operations Security Manager Joe Stevensen, in the joint statement.

According to Mozilla, the encrypted passwords that any party could find were salted hashes that could no longer be used to access the MDN website. However, the company realizes that some parties could have reused their MDN passwords in other locations. Mozilla said it reached out to the people affected to recommend they change passwords, especially those that had emails and passwords exposed, in the chance that the encryption was cracked.

It took Mozilla a total of 10 days to conclude its investigation. The company said it would be looking into "the processes and principles" that it has in place, with the aim of reducing the chance that such a problem could arise in the future.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Patriot Supersonic Rage XT 128GB USB drive

USB memory sticks are getting larger by the day, their growth speeding along with the availability and expansion of memory chips. But ...

Crucial MX100 256GB SATA-3 SSD

While the price-per-gigabyte ratio for magnetic platter-based hard drives can't be beat, the speed that a SSD brings to the table for ...

Narrative Clip

With the advent of social media technology, people have been searching for new ways to share the events of their daily lives -- be it ...

Sponsor

toggle

Most Commented

 
toggle

Popular News