The database included account information of 44,000 (inactive) users as well as md5-based passwords. While current addon passwords use a SHA-512 password hash and Mozilla considered the risk for Mozilla users as "minimal" it deleted the md5 passwords as a precaution. SHA-512 has been used since April 9, 2009.
Mozilla said that all users that were affected by the security issue, have been notified via email.
Since we are already talking about open passwords, we should also mention that Honda today notified its customers that hackers accessed the account data, including email addresses, login names and vehicle identification numbers of about 2.2 million people. Honda said that a separate list of 2.7 million email addresses was accessed as well.