Mozilla Store Vendor Security Breach
Today, Mozilla discovered that GatewayCDI, the third party vendor entrusted to run the backend of the Mozilla Store, suffered a security breach. Once notified, we took the immediate preventative step of shutting down the Mozilla Store to ensure that no additional users could be compromised.
Mozilla immediately reached out to GatewayCDI and encouraged them to quickly inform individuals whose data had been compromised. GatewayCDI is currently investigating their systems and determining the cause and extent of the breach. Mozilla Store customers who are affected will be contacted directly by GatewayCDI.
Mozilla is committed to user privacy and the store will only be reinstated once we have a satisfactory assurance of ongoing login security and data privacy.
The International Mozilla Store, although run by a separate partner company, has also temporarily been shut down as a precautionary measure. The Mozilla Community Store is operated on a wholly separate system and was not impacted by the breach.