Mozilla on Friday disclosed that "someone" stole security-sensitive information from Bugzilla, its bug tracker, and used it to "attack" Firefox users. Mozilla saays it has conducted an investigation of this unauthorized access, and has taken actions to address the threat.

The account that the attacker broke into was shut down shortly after Mozilla discovered that it had been compromised. Mozilla believes that that the attacker used information from Bugzilla to exploit the vulnerability that was patched on August 6. Mozilla has no indication that any other information obtained by the attacker has been used against Firefox users. The version of Firefox released on August 27 fixed all of the vulnerabilities that the attacker learned about and could have used to harm Firefox users.