Mozilla Data Breach

12/28/2010

A partial database of Mozilla's addons.mozilla.org user accounts were inadvertently left on a publicly accessible server.

A researcher made Mozilla was made aware of this issue via their web bounty program on December 17th and since that time Mozilla has removed the information and yesterday, on December 27th, 2010, contacted those users who were effected.

"We were able to account for every download of the database", Mozilla said in their post. "This issue posed minimal risk to users, however as a precaution we felt we should disclose this issue to people affected and err on the side of disclosure."

Mozilla also noted that current addons.mozilla.org users and accounts are not at risk and this incident didn't impact any of Mozilla’s infrastructure.

More information can be found on the Mozilla Security Blog.

( Amber Graner)

Related content