Lasting for a month beginning on June 23, a failing data sanitiser job caused the disclosure of email addresses and encrypted passwords of members of the Mozilla Developer Network.
In a blog posted over the weekend, Mozilla director of developer relations, Stormy Peters, said that 76,000 users had their email address exposed via a database dump that was accessible to the wider internet. The dump also contained 4,000 encrypted user passwords.
"As soon as we learned of it, the database dump file was removed from the server immediately, and the process that generates the dump was disabled to prevent further disclosure," said Peters. "While we have not been able to detect malicious activity on that server, we cannot be sure there wasn’t any such access."
Peters said that affected users have been notified of the breach, and for those whose password hashes were disclosed, that any similar passwords on other services be changed.
In recent weeks, Mozilla added ato its Firefox browser, that sends a SHA-256 hash to Google's Safe Browsing Service prior to downloading a file in an effort to cut down on malware downloads.
Mozilla is currently experiencing a drawn out decline in usage of its Firefox browser, with statistics from Net Applications revealed over the weekend showing thatas the second most-popular desktop browser — 20.4 percent against 15.1 percent.