Mozilla Discloses Another Security Breach Exposing User Data
OStatic
Home
Blog
Questions
Software
Members
 
 
 
 
Follow Us:
Follow us on Twitter
Subscribe to our RSS
About
Contact
Mozilla Discloses Another Security Breach Exposing User Data
by Sam Dean - Aug. 28, 2014Comments (0)
Related Blog PostsGoogle, Facebook and Other Giants Oppose New Bill Over Privacy ThreatsMozilla Study Highlights Need for Tech Education in Developing WorldStartup DataVisor Nabs $14.5 Million to Fund Spark-based SecurityMozilla to Bar Many Legacy Plug-ins in Firefox By End of 2016Bugzilla Bug Tracker Was Key to Recent Firefox Security Snafu
Only weeks after it released the distressing news that its website dedicated to developers suffered from a database error that exposed email addresses and encrypted passwords of registered users, Mozilla is back in the news with a similar snafu. The company has just disclosed that email addresses and encrypted passwords of approximately 97,000 users who worked with early builds of the Bugzilla bug tracking software were exposed for three months after a server migration.In a blog post, Mark Côté, the Bugzilla project’s assistant lead, writes:"One of our developers discovered that, starting on about May 4th, 2014, for a period of around 3 months, during the migration of our testing server for test builds of the Bugzilla software, database dump files containing email addresses and encrypted passwords of roughly 97,000 users of the test build were posted on a publicly accessible server.  As soon as we became aware, the database dump files were removed from the server immediately, and we’ve modified the testing process to not require database dumps.""...Because it is possible that some users could have reused their passwords on other websites or authentication systems, we’ve sent notices to the users who were affected by this disclosure and recommended that they change any similar passwords they may be using. It’s important to note that, unless users reused the password they used on landfill.bugzilla.org, this does not affect bugzilla.mozilla.org email addresses or passwords." Notably, the database dumps behind this latest security breach are similar to the ones that caused a problem for Mozilla reported in August. In that incident, about 76,000 Mozilla Development Network (MDN) users had their email addresses exposed, along with around 4,000 encrypted passwords. The leak was caused by what Mozilla referred to as a database error and a failed "data sanitization process." A web developer first noticed that incident.Mozilla has apologized for both incidents.  
mozilla security
Previous: Red Hat Shake-up, De...Next: Chrome's Stable 64-B... Browse Blog
Gerard Braad uses OStatic to support Open Source, ask and answer questions and stay informed. What about you?
 
Comments
Share Your Comments
If you are a member, Sign in to have your comment attributed to you. If you are not yet a member, Join OStatic and help the Open Source community by sharing your thoughts, answering user questions and providing reviews and alternatives for projects.
Your Name
Email Address (kept hidden)
Your Comment *
Promote Open Source Knowledge by sharing your thoughts, listing Alternatives and Answering Questions!
 
Explore Software in this Blog Post
1
2
3
4
5
Mozilla has 0 reviews17 users
Featured MembersViewCraig HarrisI'm a tech analyst at a local firm here in Cambrid...
ViewGerard BraadSoftware/Hardware engineer and Visuals Artist. Maintains Unix and Windows systems/networks. Fanatic user of Linux and Unices.
Related Questions
Browse
Get answers and share your expertise.
Have a question? Ask the community
How Secure is My Cloud?
By Dineshrawar - Feb 03, 2012
3 answers
What is the Imported from Google Notebook File in Google Docs?
By Deepa Nayar - Dec 02, 2011
3 answers
How to Hide IP?
By Michael McKinney - Nov 17, 2011
4 answers
Partner Center
Happening Now on OStatic
amritahyd commented on How to Easily Get Very In-Demand OpenStack Cloud Skills
amritahyd commented on Master the Cloud with Free OpenStack Training Tools
Steve commented on Red Hat, Fedora, & CentOS - and More
Home
Blog
Software
Questions
About OStatic
Contact
Terms of Service
Privacy Policy
Send Feedback
Powered by Vox Holdings
© 2015 OStatic. Built on fine Open Source Software from projects like
Apache,
Drupal,
Java,
Linux,
MySQL and
PHP.
Sign in to OStatic
close
Username: *
Password: *
Not a member? Join NowI forgot my password