I received a breach alert from Mozilla Monitor 4 months after breach occurred - was this a bogus alert?
Today (February 25, 2026) I received an email notice, apparently from Mozilla Monitor, advising me that my "Email addresses, Partial credit card data, Passwords, and Phone numbers" had been exposed in a data breach at Canadian Tire. This email seemed legitimate (the sender was breach-alerts@mozilla.com), but since it gave me a link to log in to Mozilla Monitor, my first concern was that this might be a phishing email and it would be dangerous to click on that link. Instead, I went through the Firefox settings to log in to my Firefox account and from there, I checked what Monitor had reported. The Canadian Tire breach was not listed there. However, when I went to haveibeenpwned.com, the Canadian Tire breach was listed there. It showed that the breach occurred on October 25, 2025. So why was the breach not listed for me on Mozilla Monitor? And why would I have received an alert from Monitor 4 months after the breach? Was this breach alert notice actually a phishing scam perpetrated by someone using the information from haveibeenpwned.com as bait?
All Replies (2)
Hi, Canadian Tire was added to Mozilla Monitor yesterday (Feb 25), after sending emails. Definitely not a scam.
Breaches are added to HIBP after receiving information about them, not when they occur.
Thanks for this explanation. Canadian Tire’s notice on its own website is dated November, so this breach has been known publicly for at least 3 months. Still quite a lag time for it to appear on Monitor,