Mozilla users' data was open to access

    Date29 Dec 2010
    Posted ByAlex
    A database of 44,000 users' registration information from the Add-Ons server belonging to Mozilla was found to have been exposed for download. Mozilla says that it was informed by a security researcher, through Mozilla's Web Bounty Program, that the database was visible in mid-December.
    All downloads were accounted for by Mozilla, with the only external access being that by the security researcher. According to Mozilla, the "issue posed minimal risk to users". Yesterday, Mozilla also contacted all affected users by email to explain the situation. According to the email, the file in question was placed on the server by mistake and contained the email address and first/last names of users along with an MD5 hash of the user's password.

    Users who were listed in the file have had their passwords deleted and will need to go to the addons site and click "Forgot Password" to generate a new password. The database only contained data for inactive users of the site; active users of the site were unaffected.

    The link for this article located at H Security is no longer available.

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"90","title":"Love them!","votes":"93","type":"x","order":"1","pct":79.49,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"18","type":"x","order":"2","pct":15.38,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"6","type":"x","order":"3","pct":5.13,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.