On The Insider: Dr. Conrad Murray Returns to Work
BNET Business Network:
BNET
TechRepublic
ZDNet

August 5th, 2009

Mozilla shuts online store after security breach

Posted by Ryan Naraine @ 11:53 am

Categories: Browsers, Data theft, Firefox, Malware, Mozilla, Open source, Phishing, Privacy, Web Applications

Tags: Online Store, Mozilla Corp., Mozilla Store, GatewayCDI, Security, Ryan Naraine

The Mozilla Foundation has shuttered its e-commerce store after confirming a security breach at GatewayCDI, the third-party vendor that handles the store’s backend operations.

The open-source groups said it has asked Gateway CDI to quickly notify individuals who had their sensitive data compromised.  Mozilla did not elaborate on the extent of compromised customer data.

Mozilla said it found out about the breach on Monday (August 4, 2009) and took the immediate preventative step of shutting down the Mozilla Store to ensure that no additional users could be compromised.

Mozilla immediately reached out to GatewayCDI and encouraged them to quickly inform individuals whose data had been compromised.  GatewayCDI is currently investigating their systems and determining the cause and extent of the breach.  Mozilla Store customers who are affected will be contacted directly by GatewayCDI.

Mozilla is committed to user privacy and the store will only be reinstated once we have a satisfactory assurance of ongoing login security and data privacy.

The Mozilla Store is currently displaying a “closed for maintenance” notice.

Mozilla said its international store, which is managed by a separate partner company, has also temporarily been shut down as a precautionary measure.

The Mozilla Community Store, which is separate, was not impacted.

Ryan NaraineRyan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.


Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

  • Talkback
  • Most Recent of 33 Talkback(s)
RE: Mozilla shuts online store after security breach
Currently the Google store is using osCommerce (www.oscommerce.com) as its backend. I can't remember if the Mozilla store did the same.

However there is an exploit (which I don't believe has be... (Read the rest)
Posted by: zcwilt Posted on: 08/08/09 You are currently: a Guest | | Terms of Use
Mozilla shuts online store after security breach  Loverock Davidson | 08/05/09
A small clue...  daftkey | 08/05/09
Well.....  daMan25 | 08/05/09
That's why it's only a "clue"..  daftkey | 08/05/09
Ok, so...  rkuhn040172@... | 08/05/09
Only ironic if Mozilla are rabid open source zealots..  daftkey | 08/06/09
Obviously you've missed the thousands of posts by...  ye | 08/06/09
HA HA OWNED!!!  itanalyst2@... | 08/05/09
A single job posting is pretty weak.  ye | 08/06/09
Are you serious?  ye | 08/06/09
Touche!  daftkey | 08/06/09
It means Linux and its related technology is no better...  ye | 08/06/09
We all knew that.. except for a few zealots..  daftkey | 08/06/09
Hardly baseless.  ye | 08/06/09
@ye - are you sure about that..  daftkey | 08/06/09
@daftkey: I wouldn't stake my life on it. But...  ye | 08/06/09
@ye.. assumptions.. you know what they say.. happy  daftkey | 08/06/09
why?  daMan25 | 08/05/09
international store  tmsbrdrs | 08/06/09
RE: Mozilla shuts online store after security breach  Chester Wisniewski - Sophos | 08/05/09
 xuniL_z | 08/05/09
Open Source security  Trolleur | 08/05/09
Trolleur - is that the best you could come up with?  wjanoch | 08/05/09
RE: Mozilla shuts online store after security breach  kb6252@... | 08/05/09
Closed Source... maybe.  wjanoch | 08/05/09
Why does "Open source takes a toll on Microsoft" link to this?  MissingMatter | 08/05/09
I was wondering the same thing..  daftkey | 08/06/09
What was the cause of the breach  kraterz | 08/05/09
Just Curious...Is Gateway Providing Security Remotely?  itanalyst2@... | 08/05/09
Guess who else uses Gateway? Google Store  ejhonda | 08/06/09
who else uses Gateway? Google Store  twaynesdomain | 08/06/09
RE: Mozilla shuts online store after security breach  conradfraney | 08/07/09
RE: Mozilla shuts online store after security breach  zcwilt | 08/08/09

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

advertisement
Click Here

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

  • Smart Tech Expert advice on innovations in healthcare and the green technologies that make it happen. Find out more
  • Smart Business Discussion and advice on management issues that revolve around making your world smarter and more useful. More Smart Advice
  • Smart People The best and worst moves in the management and strategy trenches. Learn More