As Sophos security expert Chester Wisniewski notes, Mozilla stored the compromised passwords set before April 9th, 2009 as MD5 hashes, rather than plain text.
“[But] MD5 has cryptographic weaknesses that permit creation of the same hash from multiple strings,” he explained.
“This permits security experts to compute all the possible hashes and determine either your password or another string that will work even if it is not your password.”
Fortunately, only a single individual – who was participating in Mozilla’s web bounty program – managed to access the sensitive content.
As expected, the organization quickly deleted the passwords of all 44,000 accounts from the addons site, regardless of whether they were exposed or not.
Mozilla also quickly moved to assure addon visitors that newly created passwords remain invulnerable to a similar disclosure, as they employ SHA-512 with per-user salts to store hashes.
According to Wisniewski, the above-mentioned incident clearly illustrates why administrators should be ditching their outdated MD5 models ASAP.
“Are you still storing passwords using methods like Gawker (DES) or Mozilla (MD5)?
“[If so], we know they are broken and it is important to migrate away from these algorithms in case you have a database accidentally make its way outside of your organization,” he warned.
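The difference between the two storage schemes named above, as an added example that is not Mozilla's code: with unsalted MD5, accounts sharing a password share a stored hash, so one precomputed lookup covers all of them, while per-user salts make every record unique. The record format, function names and sample accounts are assumptions made for illustration.

```python
from __future__ import annotations

import hashlib
import hmac
import os


def md5_record(password: str) -> str:
    """Legacy scheme: unsalted MD5, hex-encoded."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def salted_record(password: str, salt: bytes | None = None) -> str:
    """Per-user salted SHA-512, stored as 'sha512$<salt hex>$<digest hex>'."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.sha512(salt + password.encode("utf-8")).hexdigest()
    return f"sha512${salt.hex()}${digest}"


def verify(password: str, record: str) -> bool:
    """Check a password against either record format, comparing in constant time."""
    if record.startswith("sha512$"):
        _, salt_hex, _ = record.split("$")
        expected = salted_record(password, bytes.fromhex(salt_hex))
    else:
        expected = md5_record(password)
    return hmac.compare_digest(expected, record)


def shared_hash_groups(db: dict[str, str]) -> list[list[str]]:
    """Groups of users whose stored records are byte-identical."""
    groups: dict[str, list[str]] = {}
    for user, record in db.items():
        groups.setdefault(record, []).append(user)
    return [sorted(users) for users in groups.values() if len(users) > 1]


# Constructed sample accounts; two users picked the same password.
SAMPLE = {"alice": "correct horse", "bob": "correct horse", "carol": "tr0ub4dor"}
legacy_db = {user: md5_record(pw) for user, pw in SAMPLE.items()}
salted_db = {user: salted_record(pw) for user, pw in SAMPLE.items()}

if __name__ == "__main__":
    print("unsalted MD5, identical records:  ", shared_hash_groups(legacy_db))
    print("salted SHA-512, identical records:", shared_hash_groups(salted_db))
```

The block mirrors the scheme the article names. A single SHA-512 pass is still fast to compute, so current practice layers a deliberately slow key-derivation function such as `hashlib.pbkdf2_hmac` on top of the per-user salt.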