The Mozilla “Bugzilla” bug tracking repository recently was compromised, which may have led to cyber attacks against Firefox users.

And as a result, Mozilla tops this week’s list of IT security news makers to watch, followed by Sony Pictures Entertainment (SNE), U.S. Office of Personnel Management (OPM) and University of California, Los Angeles (UCLA) Health.

What can managed service providers (MSPs) and their customers learn from these IT security news makers? Check out this week’s list of IT security stories to watch to find out:

1. Bugzilla gets breached

Mozilla last week released details about a cyber attack launched against Bugzilla.

The open source company said hackers were able to access sensitive information from Bugzilla. In addition, Mozilla noted that cyber attackers may have used this information to attack Firefox users.

However, Mozilla said it has taken steps to improve Bugzilla security.

“Openness, transparency and security are all central to the Mozilla mission,” Firefox Security Lead Richard Barnes wrote in a blog post. “We have notified the relevant law enforcement authorities about this incident, and may take additional steps based on the results of any further investigations.”

2. Sony settles over data breach

Current and former Sony employees whose personal information was published last year after the company suffered a data breach have reached a settlement.

Financial terms of the settlement were not disclosed. Nearly 50,000 employees filed a class-action lawsuit against Sony due to the data breach, according to The Associated Press.

The Sony data breach became public in November and was later linked by the FBI to North Korea.

3. OPM data breach will cost U.S. government over $133 million

The U.S. government may end up paying as much as $329.8 million to protect its government workers against identity theft.

U.S. officials have awarded ID Experts a contract to safeguard the sensitive information of the 21.5 million affected by the OPM data breach. Engadget reported that the agreement will cost the government at least $133.3 million, and options could bring its value to as high as $329.8 million.

“We remain fully committed to assisting the victims of these serious cybercrimes and to taking every step possible to prevent the theft of sensitive data in the future,” OPM Acting Director Beth Cobert said in a prepared statement. “Millions of individuals, through no fault of their own, had their personal information stolen and we’re committed to standing by them, supporting them and protecting them against further victimization.”

4. UCLA Health notifies patients about data breach

UCLA Health last week notified more than 1,200 patients who may have had their medical information exposed after a faculty member’s laptop was stolen in early July.

However, UCLA pointed out that at this time there is no evidence that any individual’s personal or medical information stored on the laptop has been accessed, disclosed or used.

“No Social Security numbers, health plan ID numbers, credit card numbers or other financial data were stored on the stolen laptop,” UCLA Health said in a prepared statement. “UCLA Health has notified the DHHS Office for Civil Rights, the California Attorney General, and other regulators of the theft, and a special phone line has been established to provide information and assistance to those who receive the notification letters.”

What are your thoughts on this week’s IT security stories to watch? Share your thoughts about this story in the Comments section below, via Twitter @dkobialka or email me at [email protected].