{"id":6128,"date":"2014-08-05T10:00:52","date_gmt":"2014-08-05T14:00:52","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=6128"},"modified":"2014-08-05T10:00:52","modified_gmt":"2014-08-05T14:00:52","slug":"mozilla-warns-of-leaky-developer-network-database","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/08\/05\/mozilla-warns-of-leaky-developer-network-database\/","title":{"rendered":"Mozilla warns of leaky developer network database"},"content":{"rendered":"<p style=\"text-align:center;\"><a href=\"http:\/\/www.pcworld.com\/article\/2460980\/mozilla-warns-of-leaky-developer-network-database.html\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/08\/password-100364419-large.jpg\" alt=\"\" \/><\/a><\/p>\n<p>Mozilla\u2019s website for developers leaked email addresses and encrypted passwords of registered users for about a month due to a database error, the organization said Friday.<\/p>\n<p>Email addresses for 76,000 Mozilla Development Network (MDN) users were exposed, along with around 4,000 encrypted passwords, wrote Stormy Peters, director of development relations, and Joe Stevensen, operations security manager in a blog post. Mozilla is notifying those affected.<\/p>\n<p>No malicious activity on the affected server was detected, but that does not mean the data wasn\u2019t accessed, they wrote.<\/p>\n<p>A Web developer discovered around 10 days ago that a data sanitization process on the database running the MDN wasn\u2019t working. The leak started around June 23 and continued for a month.<\/p>\n<p>\u201cAs soon as we learned of it, the database dump file was removed from the server immediately, and the process that generates the dump was disabled to prevent further disclosure,\u201d they wrote.<\/p>\n<p>The exposed passwords were encrypted and \u201csalted,\u201d a security measure that makes it difficult to revert them to their original form. Even if the passwords were decrypted, \u201cthey by themselves cannot be used to authenticate with the MDN website today,\u201d according to the post.<\/p>\n<p>Since some people may used the same MDN password on other websites, it\u2019s recommended the password be changed.<\/p>\n<p>Mozilla said it was \u201cdeeply sorry\u201d for the error.<\/p>\n<p>\u201cIn addition to notifying users and recommending short term fixes, we\u2019re also taking a look at the processes and principles that are in place that may be made better to reduce the likelihood of something like this happening again,\u201d according to the post.<\/p>\n<p>via <a href=\"http:\/\/www.pcworld.com\/article\/2460980\/mozilla-warns-of-leaky-developer-network-database.html\" target=\"_blank\">Mozilla warns of leaky developer network database | PCWorld<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Mozilla\u2019s website for developers leaked email addresses and encrypted passwords of registered users for about a month due to a [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7,9],"tags":[717,797],"class_list":["post-6128","post","type-post","status-publish","format-standard","hentry","category-security","category-software","tag-mozilla","tag-passwords"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1AQ","jetpack-related-posts":[{"id":5671,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/06\/06\/one-in-seven-americans-were-notified-of-personal-data-breaches-last-year\/","url_meta":{"origin":6128,"position":0},"title":"One in seven Americans were notified of personal data breaches last year","author":"NCCT","date":"June 6, 2014","format":false,"excerpt":"Personal data theft has become an increasing concern for everyone, but according to a recent Consumer Reports survey, most US consumers do nothing to protect themselves even with data theft on the rise. The survey found that one in seven Americans, or around 45 million people, were notified that their\u2026","rel":"","context":"In &quot;Networking&quot;","block_context":{"text":"Networking","link":"https:\/\/nccomputertech.com\/techtalk\/category\/networking\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5812,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/06\/20\/hackers-target-dominos-pizza-demand-40000-ransom-for-customer-data\/","url_meta":{"origin":6128,"position":1},"title":"Hackers target Domino&#8217;s Pizza, demand $40,000 ransom for customer data","author":"NCCT","date":"June 20, 2014","format":false,"excerpt":"Hackers have targeted Domino's Pizza servers and claim to have downloaded details of over 650,000 customers. The group, calling itself Rex Mundi, has said that unless the company pays up \u20ac30,000 EUR (around $40,600 USD \/ \u00a324,000 GBP) by today, it will publish the full database online. The database includes\u2026","rel":"","context":"In &quot;Networking&quot;","block_context":{"text":"Networking","link":"https:\/\/nccomputertech.com\/techtalk\/category\/networking\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2971,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/07\/17\/tumblr-tells-users-to-change-passwords-patches-security-hole-in-ios-apps\/","url_meta":{"origin":6128,"position":2},"title":"Tumblr tells users to change passwords, patches security hole in iOS apps","author":"NCCT","date":"July 17, 2013","format":false,"excerpt":"Tumblr, the blogging site recently acquired by Yahoo, has released a security update for its iPhone and iPad apps that it said addresses an issue that allowed passwords to be compromised in certain circumstances. Users of the apps have been advised to update their passwords on Tumblr as there is\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8943,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/06\/10\/twitter-is-notifying-affected-users-after-millions-of-login-details-leaked\/","url_meta":{"origin":6128,"position":3},"title":"Twitter is notifying affected users after millions of login details leaked","author":"NCCT","date":"June 10, 2016","format":false,"excerpt":"By Ian Paul | PCWorld Users worried about being caught up in the recent leak of more than 32 million Twitter login credentials should already know if they\u2019ve been hacked. Twitter confirmed on Friday that it was notifying users whose valid login credentials were recently being passed around on the\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9031,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/09\/24\/heres-what-you-should-know-and-do-about-the-yahoo-breach\/","url_meta":{"origin":6128,"position":4},"title":"Here&#8217;s what you should know, and do, about the Yahoo breach","author":"NCCT","date":"September 24, 2016","format":false,"excerpt":"By Lucian Constantin | IDG News Service | PCWorld Yahoo\u2019s announcement that state-sponsored hackers have stolen the details of at least 500 million accounts shocks both through scale\u2014it\u2019s the largest data breach ever\u2014and the potential security implications for users. That\u2019s because Yahoo, unlike MySpace, LinkedIn and other online services that\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8935,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/05\/31\/myspace-hack-puts-at-least-360-million-users-at-risk\/","url_meta":{"origin":6128,"position":5},"title":"Myspace hack puts at least 360 million users at risk","author":"NCCT","date":"May 31, 2016","format":false,"excerpt":"By Shawn Knight | TechSpot Time Inc., which recently acquired pioneering social network Myspace, has confirmed reports that the site was hacked. Like the Tumblr breach that we reported on yesterday, the compromised Myspace data dates back several years. Time said earlier today that it first became aware shortly before\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/6128","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=6128"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/6128\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=6128"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=6128"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=6128"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}