A hacking group called “AnonGhost” is claiming they have compromised “Mozilla Emails Managers” and exposed the email address and a 16-character value for 50 accounts. Upon investigation we’ve determined the 16-character values are not user passwords. Instead, they are activation codes used for the initial activation of user accounts for a Mozilla blogging software.
The claim relates to 50 Mozilla employees, former Mozilla employees and other people in the Mozilla community. The activation code can not be used to directly access any systems. In all situations a username and password are required to access the blogging software. We have no indications that the passwords were at risk.
At this time we are still performing additional investigations to understand how the activation codes were exposed. We’ll make sure to address any concerns that are uncovered.
Director of Security Assurance