Mozilla is reporting that its Mozilla Store (which sells Mozilla ‘stuff’) was hit by a security breach, by way of their backend payment gateway provider, GatewayCDI.
Mozilla notes that once they found out GatewayCDI had a security breach, they shut down the store. As of 9:30 AM ET on Wed Aug 5th, the store remains closed with the notice”The Mozilla Store has been closed for maintenance.”
“Mozilla immediately reached out to GatewayCDI and encouraged them to quickly inform individuals whose data had been compromised,” Mozilla’s blog post on the issue states. “GatewayCDI is currently investigating their systems and determining the cause and extent of the breach. Mozilla Store customers who are affected will be contacted directly by GatewayCDI.”
The Mozilla Store won’t re-open until Mozilla is assured that security is what it should be.
It’s unfortunate – but these types of breaches do occur. In my opinion, Mozilla is doing the responsible thing here, shutting down the store and be as open as they can be about what occurred.