I received a breach alert from Mozilla Monitor 4 months after breach occurred - was this a bogus alert?
Today (February 25, 2026) I received an email notice, apparently from Mozilla Monitor, advising me that my "Email addresses, Partial credit card data, Passwords, and Phone numbers" had been exposed in a data breach at Canadian Tire. This email seemed legitimate (the sender was breach-alerts@mozilla.com), but since it gave me a link to login to Mozilla Monitor, my first concern was that this might be a phishing email and it would be dangerous to click on that link. Instead, I went through the Firefox settings to login to my Firefox account and from there, I checked what Monitor had reported. The Canadian Tire breach was not listed there. However, when I went to haveibeenpwned.com, the Canadian Tire breach was listed there. It showed that the breach occurred on October 25, 2025. So why was the breach not listed for me on Mozilla Monitor? And why would I have received an alert from Monitor 4 months after the breach? Was this breach alert notice actually a phishing scam perpetrated by someone using the information from haveibeenpwned.com as bait?
所有回复 (3)
Hi, Canadian Tire has been added to the Mozilla Monitor yesterday (FEB 25), after sending emails. Definitely not a scam.
Breaches are added to HIBP after receiving information about them, not when they occur.
Thanks for this explanation. Canadian Tire’s notice on its own website is dated November, so this breach has been known publicly for at least 3 months. Still quite a lag time for it to appear on Monitor,
As said on https://monitor.mozilla.org/en/breach-details/CanadianTire#delayed-reporting
Why did it take so long to report this breach? It can sometimes take months or years for credentials exposed in a data breach to appear on the dark web. Breaches get added to our database as soon as they have been discovered and verified.