I don't see how the fact that he's a Mozilla blogger is relevant.
The file contains "just" full name, e-mail and URL. Thieves got the information thanks to their Facebook apps (no idea of its name), it could happen with any third-party app.
They're pretty clever. When I started programming in 2009, I wrote a small scraper that would create accounts, friend people and steal their info if they accepted. (I never released it past my own friends list and never sold the data).
There were the obvious checks for CAPTCHAs when too much activity was detected, but other subtleties as well. If you looked at too many people's profiles, emails wouldn't be displayed as text, but as images. A person would be unlikely to notice as the pages looked identical, but dynamic changes like that make it harder to scrape some things. Introducing even rudimentary OCR requirements is enough to turn away a lot of programmers.
I'm not saying it's not possible to pull off. But Facebook has set it up so any money you might make this way will likely not be worth the development time required.
Glad you found our anti-scraping stuff to be neat! I work on the team that builds a lot of that technology at Facebook. Any interest in interning here sometime and helping us improve our systems even more?
To be perfectly honest, I've kind of fallen out of love with web development in the last year and have taken more of an interest in algorithmic trading. I appreciate the interest, though. :)
You could friend people, get to know them, get their email, go to a party to meet their friends, friend them.... and eventually scrape the whole network, if you had a team working in parallel.
The file contains "just" full name, e-mail and URL. Thieves got the information thanks to their Facebook apps (no idea of its name), it could happen with any third-party app.