Encryption error exposes sensitive Mozilla data for 30 days
The credentials of 76,000 users along with 4,000 encrypted passwords were left publically available for well over a month before discovery, ironically due to a server error in the midst of a database sanitisation process.
Though, the exposed developer's data was immediately removed from the unencrypted backup server where it had been accidentally dumped, the ripple effect is still being felt throughout the community. Despite the shock Mozilla sources say that the developer network as been “remarkably understanding.”
"We are known for our commitment to privacy and security,” Stormy Peters, director of developer relations, commented on the Mozilla blog, “and we are deeply sorry for any inconvenience or concern this incident may cause you." Mozilla also assured those affected that there has been no evidence of a breach relating to the data exposure and that the encrypted passwords would no longer work.