Firefox Monitor - Frequently asked questions
Table of Contents
- 1 General questions about data breaches
- 1.1 What exactly is a data breach?
- 1.2 What information gets exposed in data breaches?
- 1.3 Do I need to be worried if I’m in a data breach?
- 1.4 If a breach happened years or is for an old account, do I need to do anything?
- 1.5 I just found out I’m in a data breach. What do I do next?
- 1.6 Does my anti-virus software protect me from data breaches?
- 2 Questions about Firefox Monitor
- 2.1 Do I need to create a Firefox Account to get Firefox Monitor alerts?
- 2.2 How much Firefox Monitor cost?
- 2.3 How far back do data breaches in the Firefox Monitor database go?
- 2.4 How does Firefox Monitor know I’m in these breaches?
- 2.5 I don’t recognize this company or website. Why am I in this breach?
- 2.6 Will Firefox Monitor protect me from data breaches?
- 2.7 How do I know these emails are really from Firefox and not a hacker?
- 2.8 Can I use Firefox Monitor on other browsers like Chrome, Safari?
- 2.9 How comprehensive is Firefox Monitor’s breach database?
- 2.10 I’m already signed up for Firefox Monitor alerts. Do I need to sign up again?
General questions about data breaches
What exactly is a data breach?
A data breach happens when personal or private information gets exposed, stolen, or copied without permission. These security incidents can be a result of cyber attacks to websites, apps, or any database where people’s personal information resides. A data breaches can also happen by accident, for example if someone’s login credentials accidentally get posted publicly.
What information gets exposed in data breaches?
Every breach is different. It really just depends on what the cyber criminals can get. Not all breaches expose all the same info. It just depends on what hackers can get access to.
Many data breaches expose email addresses and passwords. Others expose more sensitive information, like credit card numbers, passport numbers, or social security numbers.
Do I need to be worried if I’m in a data breach?
You should take steps to protect your personal information and accounts. If your password and email gets exposed, hackers can sell that info on the dark web to the highest bidder. Whoever buys that info can try to use it to gain access to your other online accounts. These cyber criminals may try to steal your identity, make purchases, or take out loans in your name.
If a breach happened years or is for an old account, do I need to do anything?
You should still take steps to protect yourself. It sometimes takes years for credentials exposed in a data breach to surface on the dark web. If you haven’t yet changed your password on the affected account, do that right away. If you use that password elsewhere, you should change those, too. Otherwise hackers can use your login details on other websites.
I just found out I’m in a data breach. What do I do next?
There are several steps you can take.
- Read the details about the breach.
- Change your password for the compromised account.
- If you’ve used that password for other accounts, change those too.
- If financial data like your credit card number, bank account number, or PIN number were exposed in the breach, contact your bank. Monitor your statements for suspicious activity. Contact the major consumer credit reporting bureaus (Equifax, Experian and TransUnion) to take steps to protect yourself from identity theft. Security experts recommend placing a freeze on your credit reports at all three bureaus so no one can apply for credit cards or loans in your name.
- Take extra steps to improve your online security, like setting up 2FA. This adds another step to log in, like entering a code sent to your phone. These websites offer two-factor authentication.
- Set up a password manager, such as 1Password, LastPass, Dashlane, or Bitwarden. Hackers know many people reuse passwords. With a password manager, you can store unique passwords for all your online accounts and auto-fill them in to websites for you. Because password managers encrypt your data, it’s difficult for hackers to get access.
Does my anti-virus software protect me from data breaches?
Anti-virus software can’t prevent data breaches from happening. It scans your computer for viruses and other malicious software, but can’t prevent anyone from gaining unauthorized access to your online accounts. Cyber criminals hack the websites themselves, not your computer.
Anti-virus software cannot:
- Prevent someone from hacking into a website and stealing your login credentials if you have an account with that site.
- Prevent someone who has your password from logging in.
- Always detect scam or phishing emails that prompt you to enter your email and password.
Questions about Firefox Monitor
Do I need to create a Firefox Account to get Firefox Monitor alerts?
Yes. You may search your email in publicly available data breaches without creating an account. To sign up for alerts about future breaches and to get your detailed report, you’ll need to create a Firefox Account on monitor.firefox.com.
How much Firefox Monitor cost?
Firefox Monitor is free. This free service is provide by Mozilla, the company that makes the Firefox browser. You do need to create a Firefox Account to sign up.
How far back do data breaches in the Firefox Monitor database go?
Firefox Monitor searches for your email in publicly-available data breaches back to 2007.
How does Firefox Monitor know I’m in these breaches?
I don’t recognize this company or website. Why am I in this breach?
There are a number of reasons you might not recognize the company or breach name:
The site may have changed names or been sold to a new company.
- It could be an old account you forgot about.
- Someone may have created an account for you.
- The breach may be a combolist. A combolist is a collection of different data breaches. Hackers combined the passwords and emails from many data breaches into one, single list.
- A data aggregator was breached. These companies collect your information from other sources. Data aggregators compile publicly available data and buy customer data from other companies. You may have an account with a company that sold your info to a data aggregator.
Will Firefox Monitor protect me from data breaches?
No one — not even Firefox — can prevent data breaches from happening. We can alert you about breaches you were involved in. We can help you understand what you need to do to mitigate the risks. We can recommend tools to use that make it easier to protect your information online. But you alone need to take action to protect your accounts. If a breach involved financial info, you’ll also need to monitor your own financial accounts and credit reports for anything suspicious.
How do I know these emails are really from Firefox and not a hacker?
Check the email address in the send field. Firefox Monitor emails will always come from email@example.com.
Can I use Firefox Monitor on other browsers like Chrome, Safari?
Yes. Firefox Monitor works on all browsers. You can create a Firefox Account on any browser.
How comprehensive is Firefox Monitor’s breach database?
Some breaches may not appear in our database because they haven’t been discovered yet. Others might not appear because Have I Been Pwned, our breach source, hasn’t been granted access to the details about a particular breach. If a company where you have an account notifies you of a security incident, read the details closely and follow their recommended actions to protect your account.
I’m already signed up for Firefox Monitor alerts. Do I need to sign up again?
If you subscribed to Firefox Monitor alerts before March 11, 2019 you do not need to create a Firefox Account at this time.