............ Have a nice day............
USER MENU ID IS UNDEFINED IN FINACLE MIS SERVER   Date of Implementation of "VERY GOOD" Bench Mark for MACPs effect from 25.07.2016   Expected DA from Jan 2017 – 3% or 2% ?    One minute talk time for each Rupee in Airtel Payments Bank   AICPIN for October 2016 : Chances for 5% DA from January 2017   Central Government employees retiring from January 2017 to submit online application   Pre-Budget Views of Govt. Employees for inclusion in the Budget for the Year 2017-18: Confederation i.e. Scrap NPS, Minimum Wage Rs. 26,000 & Fitment Formula etc   On Salary Week, Banks Unlikely to Meet Demand for Extra 1 Lakh Cr   82 per cent ATMs dry because government used that money to pay its own employees   National Anthem Before Movie, Rules Supreme Court. Citizens 'Duty-Bound' To Show Respect    undefined

Saturday, 30 August 2014

Thousands of Mozilla email IDs and Passwords were leaked

This story may be a month old, but its is something Mozilla users need to know. Early this month, Mozilla announced that a database on Mozilla Developer Network or MDN that contained members’ email IDs and passwords got disclosed on a publicly accessible server. Mozilla warned its users about this mishap and asked them to make sure that they are not getting malicious emails or activities through their credentials. When members of Mozilla were about to recover from this shock, Mozilla again notified the same problem to its users that their email IDs and passwords are mistakenly open to public.
mozilla-logo
On the official blog of ‘The Bugzilla Update’, the Mozilla spokesperson mentioned about the mishap:

“One of our developers discovered that, starting on about May 4th, 2014, for a period of around 3 months, during the migration of our testing server for test builds of the Bugzilla software, database dump files containing email addresses and encrypted passwords of roughly 97,000 users of the test build were posted on a publicly accessible server.  As soon as we became aware, the database dump files were removed from the server immediately, and we’ve modified the testing process to not require database dumps.”
The officials of Mozilla stressed on the fact that when developers logon to MDN, they are made aware that the builds are insecure and may break. That’s why the developers mostly use passwords which they do not reuse elsewhere. Despite of that Mozilla highlighted the possibility of misuse of these passwords.
“..However, because it is possible that some users could have reused their passwords on other websites or authentication systems, we’ve sent notices to the users who were affected by this disclosure and recommended that they change any similar passwords they may be using.”
Mozilla tried to console its members by mentioning that unless the members have reused the password used onlandfill.bugzilla.org, their email IDs and passwords on bugzilla.mozilla.org are not affected.
At the end, Mozilla did mention its apology to all the users about the inconvenience caused to them due to the disclosure of emails IDs and passwords. However, it is still not clear to how much extent the damage has been caused due to this disclosure.
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)