Software firm Mozilla has admitted to a database problem that led to the exposure of thousands of user passwords and email addresses.
Affected parties used Mozilla's developer network according to an official post from Mozilla's director of developer relations Stormy Peters and Joe Stevensen, operations security manager.
"Starting on about 23 June, for a period of 30 days, a data-sanitisation process of the Mozilla Developer Network (MDN) site database had been failing, resulting in the accidental disclosure of MDN email addresses of about 76,000 users and encrypted passwords of about 4,000 users on a publicly accessible server," they wrote.
"As soon as we learned of it, the database dump file was removed from the server immediately, and the process that generates the dump was disabled to prevent further disclosure. While we have not been able to detect malicious activity on that server, we cannot be sure there wasn't any such access."
Mozilla apologised, and added that it is working on both short and long-term fixes. It said that while the login information could not be used to access the Mozilla developer network, they face the perennial risk of the passwords being used on other sites, and those other logins being exploited.
"The encrypted passwords were salted hashes and they by themselves cannot be used to authenticate with the MDN website today. Still, it is possible that some MDN users could have reused their original MDN passwords on other non-Mozilla websites or authentication systems," they added.
"We've sent notices to the users who were affected. For those that had both email and encrypted passwords disclosed, we recommended that they change any similar passwords they may be using."
In addition to notifying users and recommending short term fixes, we're also taking a look at the processes and principles that are in place that may be made better to reduce the likelihood of something like this happening again.
Are you paying attention?
Private equity firm Permira only acquired Magento from eBay for $200m three years ago
Before robots can take over from humans, we need more humans
It's not easy not being evil