Firefox Monitor False Alert
I got an email from Firefox Monitor suggesting my email address was involved in a breach on a specified website. The site didn't appear familiar, but I attempted to log on and change my password as suggested. As I did not know of a password for this site, and it wasn't in my LastPass vault, I started with the "Forgot Password" process. The result came back that I didn't have an account on that site.
Why did I get a Monitor alert? Could this have any other implication such as identity theft perhaps? How should I proceed from here?
Chosen solution
You might also check the site that provides data for Firefox Monitor. It may sometimes have additional information on the breach: https://haveibeenpwned.com/
Note that because of relationships between sites, and sales of data by brokers, a company you never heard of may have obtained a copy of and leaked your data. Many of my reported breaches are along those lines.
Read this answer in context 👍 2All Replies (14)
AFAIK firefox doesn't send emails.
WestEnd said
AFAIK firefox doesn't send emails.
My query is about the Mozilla product called Firefox Monitor, which monitors sites for data breaches, and informs whether my email address has been impacted. Emails come from breach-alerts@mozilla.com and have been very useful apart from this last one.
Hi
I know about the Firefox Monitor service (I use it myself) and I am aware of the emails that are sent.
It is difficult for me to give an exact answer on this without knowing the site in question and what websites you use online. The site that had the breach may not be a site that you immediately recognise, but may be linked to or serve as the "back end" to a service that you use. You may know of a service as "big brand", but the website is actually owened and operated by "small company".
I hope that this helps and I recomend following the guidance at https://monitor.firefox.com/ for further help with this.
What Firefox Monitor is https://support.mozilla.org/en-US/kb/firefox-monitor https://support.mozilla.org/en-US/kb/firefox-monitor-faq https://monitor.firefox.com/
WestEnd said
AFAIK firefox doesn't send emails.
Firefox itself is a web browser that the company Mozilla makes (for Android, iOS, desktop) so of course it would not send any emails. So you somehow missed mentions of "Firefox Monitor" in all of the threads you have looked at and quickly posted your thoughts in?
Seburo said
Hi I know about the Firefox Monitor service (I use it myself) and I am aware of the emails that are sent. It is difficult for me to give an exact answer on this without knowing the site in question and what websites you use online. The site that had the breach may not be a site that you immediately recognise, but may be linked to or serve as the "back end" to a service that you use. You may know of a service as "big brand", but the website is actually owened and operated by "small company". I hope that this helps and I recomend following the guidance at https://monitor.firefox.com/ for further help with this.
If it helps, the name of the site is ShareThis.
Meanwhile, the link you sent me is simply the Sign Up page for Firefox Monitor, which of course I already have.
James said
What Firefox Monitor is https://support.mozilla.org/en-US/kb/firefox-monitor https://support.mozilla.org/en-US/kb/firefox-monitor-faq
Chosen Solution
You might also check the site that provides data for Firefox Monitor. It may sometimes have additional information on the breach: https://haveibeenpwned.com/
Note that because of relationships between sites, and sales of data by brokers, a company you never heard of may have obtained a copy of and leaked your data. Many of my reported breaches are along those lines.
I got a breach alert dated prior to my download and installation of Mozilla Firefox and Firefox Monitor, July 15, 2019. It tells me that there was a breach March 9th. and March 12th. 2019 on my secondary email address which used to be my primary email address at that time. How does that work and is possible? I am visually impaired, 77 years old and absolutely not computer knowledgeable thus need some good advice!
Hi Gancot, what company was breached or leaked your data?
If it was your email service provider, it's urgent to update your password, or they might already have triggered a reset. However, if it was a data broker or mailing list company, they might have your name, email address, and other information, but not your password. So in that case, you usually do not need to change your password.
Are you able to determine what company had the breach or leaked your data?
Hi James (I presume that is your name?), Thank you for answering my question in detail. Without it I would have no idea what to do. No, I did not determine the company/ies and wouldn't know how to go about it; but think that it is not necessary either. This probably was someone "hijacking" my email address and that is the reason I changed my main email address some time ago. Up until now nothing unusual happened but that I get much more Spam emails on that mg0905 address. I just blow it into cyberspace! Also, how can they "steal" any other information of my computer with just having my email address? Everything else has a different password but is operated through a Password Software with its own Password! I do appreciate another answer to this. If I am finally satisfied with Mozilla Soft-wares, I will make a donation. I changed everything over to Mozilla from Google because I don't like Googles Policies and actions. I have experienced a fascist government before and even served in their Military! Once is enough!!!
Hi Gancot, it's Jefferson, but that would be difficult to guess.
If the Monitor site doesn't show the details on which company was breached, you can search your email address(es) on https://haveibeenpwned.com/ which is Mozilla's partner for Monitor.
Hi again Jefferson, that is fantastic! I never would have figured that out. Thank you. I will ste up this software and keep monitoring my email addresses. So far, so good. Replacing Chrome with Firefox does work nicely thus far. I just wish that I had known earlier about how good Mozilla was. Well, I think, it is time owe up! Thanks again, Mike
Tony98 said
I got an email from Firefox Monitor suggesting my email address was involved in a breach on a specified website. The site didn't appear familiar, but I attempted to log on and change my password as suggested. As I did not know of a password for this site, and it wasn't in my LastPass vault, I started with the "Forgot Password" process. The result came back that I didn't have an account on that site. Why did I get a Monitor alert? Could this have any other implication such as identity theft perhaps? How should I proceed from here?
I checked out Monitor with my icloud account. I was alerted to a breach last February '19. I contacted Apple and they said that there was no breach and I should inquire with Monitor as to why they said there was. Of course in today's news it's being reported that the Apple OS has been hacked over the last couple of years and much data stolen. Who to believe???
Hi pdc111, if a breach was reported that involved an iCloud email address, it's possible you used that address on another site at some point -- if not as a username, as subscription or purchase information -- and that site had a breach that contained your email address.
Can you find more details on Monitor? If not, check Mozilla's data supplier, https://haveibeenpwned.com/ (it may show more technical details).