[https://monitor.firefox.com/ Firefox Monitor] lets you find out if your private information has been leaked or stolen. For more information, see [[Firefox Monitor]]. __TOC__ =What is a data breach? What causes it and what are the consequences?= A "breach" is an incident where private information is accessed or stolen without permission. This might be due to employee or human failure (example, a person clicks on a link that gives an attacker access to information) or security weaknesses in the software that stores that information. [https://monitor.firefox.com/ Firefox Monitor] enables people to see where their personal data has been exposed. =I received the verification email from Firefox Monitor but I can’t log in to verify my email address.= You only need to click {button Verify Your Subscription} and Firefox Monitor will record that you’ve verified your email address. There is no need to log in. =What should I do if my data has been breached?= The steps you’ll want to take will probably be different depending on the type of data that’s been compromised. For instance, a physical address by itself is not very sensitive - it’s already generally available through search engines, public records and might still even in be in a printed phone book. But, if that is combined with your name and date of birth it’s more valuable because this combination of information is often used for identification purposes. Some basic steps you can take right away are: *Change any and all affected passwords. If you’ve used that same password on other sites, changes those too. If you can enable two (or multi) factor authentication for accounts, do it. *Delete any accounts you had in the past and no longer regularly use. This will help minimize the number of accounts that are potentially hijacked or exposed to future breach riks. *Notify any relevant financial institutions if your financial information is at risk, such as banking or securities accounts, debit card, credit card or charge cards. *Consider contacting the major consumer credit-reporting bureaus and placing a fraud alert on your name if you think the information breached is enough for someone to assume your financial identity. =If a breach happened years ago, should I still worry?= That depends. The answer is yes if I you haven’t changed your password for that site since the breach happened or if you’ve reused that password on other sites. Once a password/email combination has been leaked, hackers often attempt to reuse that login on other websites. That is why it is so important that you don’t reuse passwords. A password manager like [https://1password.com/ 1Password], [https://www.lastpass.com/ LastPass], or [https://www.dashlane.com/ Dashlane] can generate strong passwords for you, and can help you manage unique passwords for your online accounts. =Why is my data on a site I never signed up for?= Your data might have been sold or shared to a site when you signed up for something else. Even when you sign a physical or paper form, your data is typically entered in an electronic database.

Firefox Monitor lets you find out if your private information has been leaked or stolen. For more information, see Get started with Mozilla Monitor.

What is a data breach? What causes it and what are the consequences?

A "breach" is an incident where private information is accessed or stolen without permission. This might be due to employee or human failure (example, a person clicks on a link that gives an attacker access to information) or security weaknesses in the software that stores that information. Firefox Monitor enables people to see where their personal data has been exposed.

I received the verification email from Firefox Monitor but I can’t log in to verify my email address.

You only need to click Verify Your Subscription and Firefox Monitor will record that you’ve verified your email address. There is no need to log in.

What should I do if my data has been breached?

The steps you’ll want to take will probably be different depending on the type of data that’s been compromised. For instance, a physical address by itself is not very sensitive - it’s already generally available through search engines, public records and might still even in be in a printed phone book. But, if that is combined with your name and date of birth it’s more valuable because this combination of information is often used for identification purposes.

Some basic steps you can take right away are:

• Change any and all affected passwords. If you’ve used that same password on other sites, changes those too. If you can enable two (or multi) factor authentication for accounts, do it.
• Delete any accounts you had in the past and no longer regularly use. This will help minimize the number of accounts that are potentially hijacked or exposed to future breach riks.
• Notify any relevant financial institutions if your financial information is at risk, such as banking or securities accounts, debit card, credit card or charge cards.
• Consider contacting the major consumer credit-reporting bureaus and placing a fraud alert on your name if you think the information breached is enough for someone to assume your financial identity.

If a breach happened years ago, should I still worry?

That depends. The answer is yes if I you haven’t changed your password for that site since the breach happened or if you’ve reused that password on other sites. Once a password/email combination has been leaked, hackers often attempt to reuse that login on other websites. That is why it is so important that you don’t reuse passwords. A password manager like 1Password, LastPass, or Dashlane can generate strong passwords for you, and can help you manage unique passwords for your online accounts.

Why is my data on a site I never signed up for?

Your data might have been sold or shared to a site when you signed up for something else. Even when you sign a physical or paper form, your data is typically entered in an electronic database.