Mozilla says someone compromised an account on Bugzilla and used that access to obtain security-sensitive information and used it to attack Firefox users. The account that the attacker broke into was shut down shortly after Mozilla discovered that it had been compromised. Mozilla says that the user who had their Bugzilla account compromised reused that password on other domains. The earliest confirmed instance of the attacker’s access to Bugzilla dates back to September 2014, but some indicators show September 2013, Mozilla said. The version of Firefox released on August 27 fixed all of the vulnerabilities the attacker learned about and could have used.”]