Mozilla users' data was open to access

    Date29 Dec 2010
    CategoryHacks/Cracks
    4428
    Posted ByAlex
    A database of 44,000 users' registration information from the Add-Ons server belonging to Mozilla was found to have been exposed for download. Mozilla says that it was informed by a security researcher, through Mozilla's Web Bounty Program, that the database was visible in mid-December. All downloads were accounted for by Mozilla, with the only external access being that by the security researcher. According to Mozilla, the "issue posed minimal risk to users". Yesterday, Mozilla also contacted all affected users by email to explain the situation. According to the email, the file in question was placed on the server by mistake and contained the email address and first/last names of users along with an MD5 hash of the user's password.

    Users who were listed in the file have had their passwords deleted and will need to go to the addons site and click "Forgot Password" to generate a new password. The database only contained data for inactive users of the addons.mozilla.org site; active users of the site were unaffected.

    You are not authorised to post comments.

    LinuxSecurity Poll

    What is your favorite LinuxSecurity.com feature?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /component/communitypolls/?task=poll.vote
    17
    radio
    [{"id":"65","title":"Feature articles","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"66","title":"News","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"67","title":"HOWTOs","votes":"0","type":"x","order":"3","pct":0,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.