Mozilla Monitor 是 Mozilla 提供的数据泄漏通知服务。如果你的在线帐号涉及数据泄漏，它会警告你。通过使用 Have I Been Pwned 的数据库，Mozilla Monitor 密切关注已知的数据泄漏并在涉及你的帐号时通知你，并为你提供进一步主动自我保护的指导。

关于数据外泄的普遍性问题

什么是数据泄露？

A data breach happens when personal or private information gets exposed, stolen or copied without permission. These security incidents can result from cyber attacks on websites, apps or any database where people's personal information resides. A data breach can also happen accidentally, like if someone's login credentials get posted publicly.

为什么我会在一次数据泄露中？

入侵者们的目标常常是通过有着成千上万用户的大公司获取许多个人信息和证书。这些骇客们在寻找安全系统的缺陷——就像是在找一扇开着的门或者窗。一旦他们找到了门和窗，他们就会复制尽可能多的个人信息。我们不能确切了解他们要这些数据干什么，但他们会尝试从中获得利益。虽然因此产生的影响通常不是即刻出现的，但长期影响可能十分严峻。

数据泄漏经常导致数字身份失窃。一旦骇客获取你的身份信息，比如邮箱和密码，他们就可能伪装成你，进而对你造成财产和感情压力。

数据外泄时什么样的数据被曝光？

Not all breaches expose the same information. It just depends on what hackers can access. Many data breaches expose email addresses and passwords. Others expose more sensitive information, such as credit card numbers, passport numbers and social security numbers.

我的数据被外泄，我需要担心吗？

You should take steps to protect your personal information and accounts. If your password and email address get exposed, hackers can sell that information on the dark web to the highest bidder. Whoever buys that information can try to use it to gain access to your other online accounts. These cybercriminals may try to steal your identity, make purchases or take out loans in your name.

泄露发生在多年之前或者是一个旧的帐号，还需要担心吗？

You should still take steps to protect yourself. Sometimes it takes years for credentials exposed in a data breach to surface on the dark web. If you haven't changed your password on the affected account yet, do that immediately. If you use that password elsewhere, you should change those too. Otherwise, hackers can use your login details on other websites.

我刚刚发现我的数据被泄露了。我应该怎么办？

破坏者依赖人们复用密码，所以为每个帐号 使用难猜的、不同的密码 非常重要。请将密码保存在安全并且私密的地方；比如你保存重要文件的地方或者是使用 密码管理器。请参看 如何安全上网 和 发生数据外泄后该怎么办 了解更多信息。

反病毒软件会防止数据泄露吗？

Antivirus software can't prevent data breaches from happening. It scans your computer for viruses and other malicious software but can't prevent anyone from gaining unauthorized access to your online accounts. Cybercriminals hack the websites themselves, not your computer. 反病毒软件 不能

• Prevent someone from hacking into a website and stealing your login credentials.
• Prevent someone with your password from logging in to one of your accounts.
• Always detect scam or phishing emails that prompt you to enter your email address and password.

关于 Mozilla Monitor 入侵监控

为什么花这么长时间才通知我数据泄漏？

It can sometimes take months or years for credentials exposed in a data breach to appear on the dark web. We send notifications as soon as a breach is discovered, verified and added to our database.

我并不知道该公司或网站。为什么我在被泄露之列？

There are several reasons why you might not recognize the company or breach name:

• The site may have changed names or been sold to a new company.
• It could be an old account you forgot about.
• Someone may have created an account for you.
• The breach may be a combolist. A combolist is a collection of different data breaches. Hackers combined the passwords and email addresses from many data breaches into one single list.
• A data aggregator was breached. These companies collect your information from other sources. Data aggregators compile publicly available data and buy customer data from other companies. You may have an account with a company that sold your information to a data aggregator.

我怎么知道邮件是来自 Mozilla 还是罪犯？

Check the email address in the sender's field. Mozilla Monitor emails will always come from breach-alerts@mozilla.com. Firefox will never ask you to enter your login credentials or password in an email. Most online services won't ask you to enter your login info directly from an email. If they do, you should instead go directly to their website to sign in.

Mozilla Monitor 是如何处理敏感数据？

Email addresses involved in sensitive site breaches are not publicly searchable for privacy reasons. You must be signed in or subscribed to Mozilla Monitor alerts. To find out if your info appears in a sensitive breach, you'll need to sign up for an account through Mozilla Monitor and verify your email.

Mozilla Monitor 如何知道我在数据泄露之列？

Mozilla Monitor 从公开数据 我被入侵了吗 里搜索数据泄露信息。如果你不想在其中看到你的电子邮件，请访问该网站的 不想被列出 页面。

Mozilla Monitor 知道我泄漏的密码吗？

Mozilla Monitor does not know your passwords. It keeps your data anonymous when it transfers breach data to you. Read more about our k-Anonymity technique.

Mozilla Monitor 的数据库范围有多广？

Mozilla 监控会在最早2007年的公开数据中搜索你的电子邮件。

我在其他浏览器，比如 Chrome、Safari，能用 Mozilla Monitor 吗？

Yes. Mozilla Monitor works on all browsers. You can sign up for a Mozilla account on any browser, and we'll monitor your email for data breaches.

Mozilla Monitor 的泄露数据库有多详细？

由于有的泄露还没有被披露，所以它们不会出现在我们的数据库中。还有些因为我们的数据来源 我被入侵了吗 没有获得这些数据泄露的详情。如果你有账户的公司通知你有一个安全事故，那么请仔细阅读事故详情并根据建议采取保护账户的行动。

我是否需要 Mozilla 账户才能获得 Mozilla Monitor 的报警？

Yes. However, you may search your email address in publicly available data breaches without signing up for an account. To sign up for alerts about future breaches and to get your detailed report, you'll need to sign up for a Mozilla account on monitor.mozilla.org.

我有不同的法定名称，我想跟踪并从数据代理中删除这些名称。我需要注册两个单独的 Mozilla 账户和付费订阅才能这样做吗？

我们绝对不希望这对已改名或可能有多个名字的人产生负面影响或效果不佳。我们正在开发这个发布后版本，很抱歉我们今天没有对此可用的功能，但这对我们来说是一个高度优先解决事项。

Mozilla Monitor 的费用是多少？

Mozilla Monitor 是 Mozilla 提供的一项免费服务，作为其安全产品组合的一部分，以及订阅产品 Mozilla VPN 和 Relay。

Mozilla Monitor 会保护我免受数据泄露吗？

No one — not even Firefox — can prevent data breaches from happening. We can alert you about breaches that affect you. We can help you understand what you need to do to mitigate the risks. We can recommend tools to use that make it easier to protect your information online, but you need to take action to protect your accounts. If a breach involves financial information, you'll need to monitor your financial accounts and credit reports for anything suspicious.

哪些类型的网站出售我的个人信息？

Certain websites are in the business of collecting and selling people’s personal information without their consent, which is unfortunately legal in the US. These sites are called data brokers and they make up a 240 billion dollar industry. They use sophisticated methods to collect personal, financial, location and even health information, often without your consent or even your knowledge. They’ll sell what they’ve collected to third parties, profiting from your information and leaving you open to violations of your privacy and security.

这些网站收集关于我的哪些信息？

They collect all the personal information about you that they can: legal name, email address, home addresses, phone numbers, family information, financial details, health details, browsing history, purchase history, and more. With this information, they’ll create a profile about who they think you are, package your profile up with similar profiles, and sell it for a profit.

如何收集我的个人信息？

Sites that sell your personal information may find that info in government and public records such as real estate transactions, court records, marriage certificates and business licenses. They may also purchase it from other sites, such as an app or social media site that you use or a loyalty program you’ve signed up for. They can even pay companies to place trackers directly on other sites to gather information about your online habits. This shows just how important it is to reduce your digital footprint and take steps to protect your online privacy.

这些网站会如何处理我的个人信息？

Typically, these sites make money by selling your personal information. This can lead to more spam emails, robocalls and junk text messages. It could publicly expose your physical home address and personal contact information. And in a worst-case scenario, you could become a victim of identity theft or fraud.

Even if a site doesn’t sell your information, they are an attractive target for hackers, which could compromise your information and put you at risk. One major example is the 2018 security breach of Apollo, a sales engagement startup with a database of 200 million contacts at 10 million companies. This security breach exposed the names, job titles, employers, social media handles, phone numbers and email addresses of 200 million people. This breach is a great example of how you can protect yourself by getting off of these websites’ lists in the first place. The less people who have access to your data, the better.

如何从收集和出售个人信息的网站上手动删除我的个人信息？

大多数网站都允许您请求从其网站上删除您的个人信息，并且该过程因网站而异。有些人可能在网上有选择退出表格，而另一些人可能要求您邮寄一封信。

但是，请务必注意，这些请求只会要求网站本身删除您的信息。如果公共记录中提供这些信息，他们可能会在将来从其他来源再次添加您的信息。随着时间的推移，您可能需要定期请求移除。

首先访问发布您信息的网站，并搜索删除或选择退出说明。您必须为要选择退出的每个网站单独提出移除请求。

Mozilla Monitor 如何帮助从出售我的个人信息的网站中删除我的个人信息？

我们在出售个人信息的主要数据代理网站上搜索您的个人信息，并向您显示每个网站收集的有关您的信息。然后我们可以帮助您删除它。

从这些网站中删除您的信息通常是一个耗时且持续的手动过程。一旦您确定其中哪些人存储了您的信息，您就需要单独联系每个人并要求他们删除您的个人资料。但是，即使您的数据已从这些网站中删除，如果他们发现或购买了有关您的新信息，这些数据也可能在以后重新出现。这些网站会定期收集数据，删除您的信息并不一定会阻止其中许多网站以后再次添加数据。

为什么需要我的个人信息？

We ask for your personal information so we can search for it on sites that sell personal information. We only use this data in order to find where it’s being exposed on these sites. We never sell your information and our Personal Data Promise means we implement security measures to keep your personal info safe, and design products that prioritize your privacy.

Mozilla Monitor 需要多长时间才能从这些网站中删除我的信息？

一旦我们确定哪些网站有您的信息，我们就会着手请求删除。删除过程可能需要一些时间，具体取决于网站的响应速度以及他们为处理删除所设置的步骤。您可能会在当天就看到删除开始进行，但有些可能需要更长的时间，具体取决于数据代理商的合规情况。

Mozilla Monitor 会从哪些网站删除我的个人信息？

We currently remove personal information from the most common data broker sites which are most likely to have your information, with more to come in the future.

Mozilla Monitor 会从 Google 搜索中删除我的信息吗？

No, we can’t remove your personal info from search engines like Google or even social media sites like Facebook. In general, we cannot remove your information from services where you’ve signed up for an account, or from government websites that have publicly-available information. However, removing your personal data from data brokers will help reduce how much of it appears in search results.

我住过很多地方。我应该使用哪个城市和州？

You should use your most recent city and state. These sites may have collected multiple addresses for you, so even if you only add your most recent address, you may find records of places you’ve lived in the past. Adding your birthday can help improve the accuracy of your results by reducing the chance of you finding profiles of people with the same name as you.

在我的个人信息暴露扫描中，不同的状态意味着什么？

“In progress” means that our automated removal process is underway. “Fixed” means that we have successfully removed your personal information from the site selling it.

要更好地理解 Monitor 的不同状态，请参看 Monitor 状态的标识 一文。

为什么从这些网站上删除我的个人信息需要这么长时间？

部分原因是这些网站并不急于删除您的信息；法律上没有强制要求，而且他们通过出售信息来赚钱。他们也可能通过从其他来源收集信息，从而快速地重新添加您的信息。移除您的信息是一个持续不断的过程。

为什么数据删除仅在美国可用？它什么时候可以在我的国家/地区使用？

Data removal is only available in the US because of legislation that allows data brokers to operate there. In many other countries and in regions like the EU, laws like GDPR prevent these websites from collecting and selling people’s personal information without their consent. We’re exploring ways to expand protection and personal data removal outside of the US where needed.

为什么你会自动删除个人信息泄露，但让我自己修复数据泄露？

Many data breaches expose your passwords and even sensitive info like your bank information or your social security number. Fixing these data breaches requires manual steps that only you can do – like creating a new password, calling your bank, or freezing your credit. We will guide you through the process of fixing data breaches that require these manual steps.

相关文章

• 在 Mozilla Monitor 消解数据泄漏事件
• Mozilla Monitor 新手上路
• 发生数据外泄后该怎么办
• 如何退出 Mozilla Monitor

了解更多

• 参见 Firefox 密码管理器——被入侵网站的警报，了解 Firefox 中关于已知数据泄露中暴露的已保存登录名和密码的警报。