Join us at TNW Conference 2022 for insights into the future of tech →

The heart of tech

This article was published on September 4, 2015

Hacker stole ‘security-sensitive’ data from Mozilla to target Firefox users

Hacker stole ‘security-sensitive’ data from Mozilla to target Firefox users
Ben Woods
Story by

Ben Woods

Europe Editor

Ben is a technology journalist with a specialism in mobile devices and a geeky love of mobile spectrum issues. Ben used to be a professional Ben is a technology journalist with a specialism in mobile devices and a geeky love of mobile spectrum issues. Ben used to be a professional online poker player. You can contact him via Twitter or on Google+.

Firefox users were targeted via a browser exploit that was patched last month, after a hacker broke into Mozilla’s bug-tracking system ‘Bugzilla’ to steal data about potential weaknesses.

Mozilla says that the hacker managed to access Bugzilla’s “security-sensitive” information, which unlike the rest of the repository isn’t made publicly available. It says that the compromised account was closed down as soon as it was discovered and that steps are being taken to improve the overall security to avoid a repeat of the situation.

One of those changes is requiring all users who are authorized to access security-sensitive information to change their passwords and use two-factor authentication. There are also new limits being placed on what each level of priviledged user can access, so that if an account is compromised in future, the attacker won’t be able to access as much data.

And if you’re the sort of perennially worried person who frets over what other security vulnerabilities were revealed in the hack, then rest easy, as the version of Firefox released at the end of last month fixed any problems that might have been disclosed.

➤ Improving Security for Bugzilla [Mozilla Blog]

Also tagged with