(Reuters) - Mozilla, creator of the Firefox web browser, said hackers had stolen security-sensitive information from Bugzilla, its bug tracker, and used it to “attack” Firefox users.
The account that the hackers broke into was shut down shortly after the company discovered it had been compromised, the company said in a blog post. (mzl.la/1N7L9fC)
Mozilla said on Friday the hackers may have used information from Bugzilla to exploit a vulnerability that allowed them to search for sensitive files and upload them to a server.
A version of Firefox, the world’s second-largest browser by users, released on Aug. 27 fixed all the vulnerabilities the hacker learned about and could have used to harm its web browser users, the company said.
Bugzilla is an open-source tool used for tracking “bugs” or flaws in software that result in incorrect or unexpected results.
While Bugzilla is mostly public, access to security sensitive information is restricted to certain trusted users.
Mozilla said it had conducted an investigation on the breach and notified relevant law enforcement authorities.
Rising cybersecurity threats and a jump in the number of reported incidents have led companies and governments to beef up their security platforms and software.
Several high profile cyber attacks including those at Anthem Inc, one of the largest U.S. health insurers and retailer Target Corp have brought the issue of data security to the fore in recent years.
Reporting by Devika Krishna Kumar and Ramkumar Iyer in Bengaluru; Editing by Maju Samuel