Mozilla 'accidentally' reveals developer emails and passwords

Mozilla 'accidentally' reveals developer emails and passwords

Summary: Around 76,000 users of Mozilla's developer network have had their email addresses posted to a publicly accessible server, with 4,000 users also having their salted and hashed passwords revealed as well.

SHARE:

Lasting for a month beginning on June 23, a failing data sanitiser job caused the disclosure of email addresses and encrypted passwords of members of the Mozilla Developer Network.

In a blog posted over the weekend, Mozilla director of developer relations, Stormy Peters, said that 76,000 users had their email address exposed via a database dump that was accessible to the wider internet. The dump also contained 4,000 encrypted user passwords.

"As soon as we learned of it, the database dump file was removed from the server immediately, and the process that generates the dump was disabled to prevent further disclosure," said Peters. "While we have not been able to detect malicious activity on that server, we cannot be sure there wasn’t any such access."

Peters said that affected users have been notified of the breach, and for those whose password hashes were disclosed, that any similar passwords on other services be changed.

In recent weeks, Mozilla added a file reputation service to its Firefox browser, that sends a SHA-256 hash to Google's Safe Browsing Service prior to downloading a file in an effort to cut down on malware downloads.

Mozilla is currently experiencing a drawn out decline in usage of its Firefox browser, with statistics from Net Applications revealed over the weekend showing that Chrome has displaced Firefox as the second most-popular desktop browser — 20.4 percent against 15.1 percent.

Topics: Security, Browser, Open Source

About

Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer. After a Canadian sojourn, he returned in 2011 as the Editor of TechRepublic Australia, and is now the Australian Editor of ZDNet.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

3 comments
Log in or register to join the discussion
  • So is the author implying that it was deliberate?

    since he accented 'accidentally' with single quotation to emphasize it for some reason.
    William.Farrel
    • Nope

      It's not meant to question Mozilla's remarks so much, but point out that I am using their word for referring to the incident.
      Chris Duckett
  • "Stuff Happens"

    It is unfortunate that Firefox is slipping.......... I find it difficult to imagine anybody choosing Chrome over Firefox. Google is infamous for collecting, analyzing and exploiting information from users. Through the plug ins, Firefox offers more custom options, including security than anybody else. It's fast, reliable, and offers excellent security and control.

    H.W.
    **owly**