97K Bugzilla users affected by data disclosure

Share it:
Mozilla Security team have made a announcement that about 97,000 users emails address and encrypted password of Bugzilla users were accidentally disclosed. On the blogpost, Mark Cote Assistant Project Lead, Bugzilla, have made the confirmation about the data disclosure of 97,000 Bugzilla users.

Bugzilla is a bug-tracking software system widely used by many organizations, and Mozilla team also use it for its bug tracking system. With the explanation to the scenario Cote says-
“One of our developers discovered that, starting on about May 4th, 2014, for a period of around 3 months, during the migration of our testing server for test builds of the Bugzilla software, database dump files containing email addresses and encrypted passwords of roughly 97,000 users of the test build were posted on a publicly accessible server. 
As soon as we became aware, the database dump files were removed from the server immediately, and we’ve modified the testing process to not require database dumps,” - Cote added.
 According to the published post from Bugzilla team, during the migration of the server, the database dump files containing the disclosed data were posted on a publicly accessible server.

Along with that Bugzilla team also confirmed that the incident didn’t affect any users of bugzilla.mozilla.org, just onlandfill.bugzilla.org users were affected. Team also says that they have notified the affected users and also asked to change any similar passwords they may be using.

This is not the new thing happens with Mozilla team, as earlier this month Thousands of Mozilla Developers Emails and Password Exposed Accidentally. On that time also about 76,000 e-mail addresses and 4,000 password hashes were left on a publicly accessible server for about 30 days beginning June 23.

At the mean time, Bugzilla team had reset all the passwords on all Landfill test Bugzilla systems and asked users to set a new password the next time they access the test Bugzilla systems.

Mozilla team apologize for the issue and says deeply sorry for any inconvenience or concern this incident may cause you.
Share it:




Post A Comment:


Follow by Email