«

Has anyone just received the following email from Spread Firefox? If
not, consider this your heads up...


On Tuesday, July 12, the Mozilla Foundation discovered that the server
hosting Spread Firefox, our community marketing site, had been accessed
on Sunday, July 10 by unknown remote attackers who exploited a security
vulnerability in the software running the site. This exploit was
limited to SpreadFirefox.com and did not affect other mozilla.org web
sites or Mozilla software.

We don't have any evidence that the attackers obtained personal
information about site users, and we believe they accessed the machine
to use it to send spam. However, it is possible that the attackers
acquired information site users provided to the site.

As a Spread Firefox user, you have provided us with a username and
password. You may also have provided us with other information,
including a real name, a URL, an email address, IM names, a street
address, a birthday, and private messages to other users.

We recommend that you change your Spread Firefox password and the
password of any accounts where you use the same password as your Spread
Firefox account. To change your Spread Firefox password, go to
SpreadFirefox.com, log in with your current password, select "My
Account" from the sidebar, select "Edit Account" from the sidebar, then
enter your new password into the Password fields and press the "Save
user information" button at the bottom of the page.

The Mozilla Foundation deeply regrets this incident and is taking steps
to prevent it from happening again. We have applied the necessary
security fixes to the software running the site, have reviewed our
security plan to determine why we didn't previously apply those fixes in
this case, and have modified that plan to ensure we do so in the future.

Sincerely,
The Mozilla Foundation

"Kouros" <> wrote in message
news:db8k8b$u4m$...
> Has anyone just received the following email from Spread Firefox? If
> not, consider this your heads up...
>
>
> On Tuesday, July 12, the Mozilla Foundation discovered that the server
> hosting Spread Firefox, our community marketing site, had been accessed
> on Sunday, July 10 by unknown remote attackers who exploited a security
> vulnerability in the software running the site. This exploit was
> limited to SpreadFirefox.com and did not affect other mozilla.org web
> sites or Mozilla software.
>
> We don't have any evidence that the attackers obtained personal
SNIPPED

> The Mozilla Foundation

Yes, I got an e-mail and last week or a couple of weeks ago I kept getting
strange e-mails which seemingly had nothing to do with Firefox but came from
the Spread Firefox website. I just binned them.

BC

On Friday 15 July 2005 12:13, Big Craigie wrote:
> "Kouros" <> wrote in message
> news:db8k8b$u4m$...
>> Has anyone just received the following email from Spread Firefox? If
>> not, consider this your heads up...
>>
>> On Tuesday, July 12, the Mozilla Foundation discovered that the
>> server hosting Spread Firefox, our community marketing site, had been
>> accessed on Sunday, July 10 by unknown remote attackers who exploited
>> a security
>> vulnerability in the software running the site. This exploit was
>> limited to SpreadFirefox.com and did not affect other mozilla.org web
>> sites or Mozilla software.
>>
>> We don't have any evidence that the attackers obtained personal
> SNIPPED
>
>> The Mozilla Foundation
>
> Yes, I got an e-mail and last week or a couple of weeks ago I kept
> getting strange e-mails which seemingly had nothing to do with Firefox
> but came from the Spread Firefox website. I just binned them.

Looks like they really did get hacked.
http://mozillazine.org/talkback.html?article=6947
The hackers apparently used the site to send spam emails.

--
Travis Evans
[The email address on this post is valid, but may change from time to
time. Make sure you use the latest email address; if you use an old
one, I will not receive your message.]