Mozilla Developer Network discovers leaked email addresses

By Erin Ayers on August 5, 2014

Mozilla-WordmarkMozilla, developers of the popular Firefox web browser, recently alerted members of its Developer Network that beginning June 23 and continuing for 30 days the email addresses of 76,000 users of the MDN were accidentally exposed, along with the passwords of 4,000 users on a publicly accessible server.

Stormy Peters, Mozilla director of developer relations, reported on the company’s blog that as soon as the disclosure was discovered, it was rectified and no malicious activity had been detected. However, Mozilla can’t guarantee that the data was not accessed by individuals with untoward intent.

“The encrypted passwords were salted hashes and they by themselves cannot be used to authenticate with the MDN website today,” Peters stated on the blog. “Still, it is possible that some MDN users could have reused their original MDN passwords on other non-Mozilla websites or authentication systems. We’ve sent notices to the users who were affected. For those that had both email and encrypted passwords disclosed, we recommended that they change any similar passwords they may be using.”

Mozilla’s Developer Network connects web developers with tools and open-source technology, as well as advice and networking to aid in building services and applications.

erin.ayers@zywave.com'

Erin is the managing editor of Advisen’s Front Page News. She has been covering property-casualty insurance since 2000. Previously, Erin served as editor-in-chief of The Standard, New England’s Insurance Weekly. Erin is based in Boston, Mass. Contact Erin at [email protected].