From: security curmudgeon (jerichoattrition.org)
Date: Wed Aug 05 2009 - 16:11:31 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://blog.mozilla.com/blog/2009/08/04/mozilla-store-vendor-security-breach/

Mozilla Store Vendor Security Breach
Posted by Mozilla

August 4th, 2009 Mozilla News

Today, Mozilla discovered that GatewayCDI, the third party vendor
entrusted to run the backend of the Mozilla Store, suffered a security
breach. Once notified, we took the immediate preventative step of shutting
down the Mozilla Store to ensure that no additional users could be
compromised.

Mozilla immediately reached out to GatewayCDI and encouraged them to
quickly inform individuals whose data had been compromised. GatewayCDI is
currently investigating their systems and determining the cause and extent
of the breach. Mozilla Store customers who are affected will be contacted
directly by GatewayCDI.

Mozilla is committed to user privacy and the store will only be reinstated
once we have a satisfactory assurance of ongoing login security and data
privacy.

The International Mozilla Store, although run by a separate partner
company, has also temporarily been shut down as a precautionary measure.
The Mozilla Community Store is operated on a wholly separate system and
was not impacted by the breach.

_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]