For 30 days, a "data sanitization" process failed and exposed the information on a public server. It also exposed the passwords of about 4,000 users.
As soon as we learned of it, the database dump file was removed from the server immediately, and the process that generates the dump was disabled to prevent further disclosure. While we have not been able to detect malicious activity on that server, we cannot be sure there wasn’t any such access.
Mozilla has contacted all users who are affected. The company is also working to improve its technology to avoid things like this in the future.
One security error like this can give hackers access to all of your online accounts if you aren't changing up your passwords. That's why I always tell you not to use the same password across different networks. Any MDN user who does use the same password on multiple sites should go and change them now to be safe. You can learn more about how to create a safe and secure password here.
Once you've created strong passwords for each of your online accounts, a secure password manager program can help you remember them all.