Hi jansplace, Firefox Monitor provides data about breaches on all kinds of sites: sites where you had an account, sites of data brokers that sells people's contact information, sites whose owners bought lists from data brokers, and so on.

If the breach was not a site where you directly had an account, they probably didn't leak your password or security questions/answers associated with your email address -- how would they have gotten them? Still, it's worth reading more about the breach if you have time. There may be additional information on the Monitor site as well as from Mozilla's data partner, https://haveibeenpwned.com/ about exactly what was leaked.

I also had this breach alert issue a few days ago (Aug 22/20), but the notice came from breach-alerts at mozilla.com. and that it transpired on June 22/20. I thought all Mozilla notifications came from a .org? The breach alert compromise is on my regularly used email account. Interesting situation happened about 3 weeks ago with security alert notification from Microsoft where I had to change my password on my email account. Yet my other highly rated computer security system has not given me any security warnings and I do a full system scan every day, if not more often. So between Firefox, Microsoft and the other security system I have, you would think one is relatively secure. Guess not.

Hi CV, Mozilla controls the mozilla.com domain, and my previous breach alerts also came from breach-alerts@mozilla.com so I think that is normal.

Firefox Monitor alerts are based on data from Mozilla's data partner, https://haveibeenpwned.com/ and you can check their site as well for more information on the leaked data where your email address turned up.

I don't have enough information to comment on whether the alert "from Microsoft" was real or fake, and what your security software did or didn't detect. Those might be topics for a different forum.