Mozilla is reporting that a database which included 44,000 older user accounts from addons.mozillia.org was exposed on public servers. The older accounts passwords were stored using MD5, newer password continue to be stored using SHA-512. Other information including email and mailing addresses were exposed.

They have posted that they have fully accounted for down loads of the data base and forced reset of the passwords on the accounts stored with MD5. Exposure of valid email address, first names, last names and addresses represents risk for users which may belong to the site. (Many are developers and IT personal.)

It is important that organizations define what is considered personally identifiable information of emplyees.

With the holiday season fast approaching so is the expected onslaught of various phishing and spamming campaigns. During the holiday season email boxes get flooded with various spam from fake charities to the president of the your respective country. Remember that email with offers that are too good to be true are most likely spam. Avoid opening and responding to messages from sources that you do not know.