The Mozilla Developer Network (MDN) works hard to maintain privacy and security but it recently encountered an incident that led to thousands of email accounts and passwords being exposed.

In a post on the Mozilla Security Blog, Stormy Peters and Joe Stevensen wrote about the incident, saying investigations have just concluded about the leak that compromised MDN members. Discovered by one of the network's web developers on June 23, the incident had apparently started 30 days ago and involved a process for data sanitization that the MDN uses. Peters is the Director of Developer Relations while Stevensen is Operations Security Manager for the MDN.

The problem was that the process for data sanitization had failed, resulting into the accidental leak of 76,000 email accounts and 4,000 passwords on a public server. Immediately after the discovery, the dump file in the database was taken out of the server and involved processes in generating the dump were shut down to avoid further leaks. No malicious activities have been detected on the server since the MDN took action but it is not guaranteed either that the server has not been accessed without permission.

"The encrypted passwords were salted hashes and they by themselves cannot be used to authenticate with the MDN website today. Still, it is possible that some MDN users could have reused their original MDN passwords on other non-Mozilla websites or authentication systems, " said Peters and Stevensen. Notifications have been sent to users affected by the leak and all are suggested that similar passwords be changed as well.

Aside from sending out notifications to alert users, the MDN is also assessing principles and processes in place to help it figure out improvements that will reduce chances of the same incident happening in the future.

Formerly known as the Mozilla Developer Network, the MDN is the official site used for developing documentation for Mozilla projects and web standards. It began in 2005 and was led at the beginning by Deb Richardson. Documentation was later on headed by Eric Shepherd. A lot of effort has gone into migrating content for the Mozilla Foundation, with many Mozilla.org pages redirecting to the MDN. Members of the MDN range from people who can code to people who can't code, each one contributing in the effort to improve the documentation process. Even simply reviewing articles to ensure they make sense to readers help. The MDN receives funding from both the Mozilla Corporation and the Mozilla Foundation.