Firefox monitor is a service that’s built into Firefox and accessible through a website. It’s the result of a partnership between Mozilla and Have I Been Pwned. Firefox monitor allows you to check if any accounts linked to your email address have been involved in a data breach.
You might be wondering how it does this or perhaps you’re wondering what a “data breach” is in the first place. Allow us to explain it the easy way.
What Is a Data Breach?
When you sign up for an account with an online service, they store data about you. This can include all sorts of information, but if it’s a commerce site it could include your credit card number. Personal information such as social security, your home address and more can be included in this information.
Competent online service providers will protect this information by using encryption, which means only someone with the right key (i.e. your password) can read the contents of the files.
When a data breach happens, it means that hackers have managed to download that (hopefully) encrypted data from the servers. At this point your information could be compromised and your credentials have a chance of being exposed as well. Assuming that the hackers manage to break the encryption, that is.
Why Should I Care About Data Breaches?
The average person on the street may not quite comprehend how serious a data breach can be. There is of course the possibility that stolen credit card information will be used to steal money from you. Although, as long as it’s not a result of your own negligence, credit card companies will return money lost through fraud.
A far more dangerous type of information abuse is identity theft. With the right information about you, criminals can pose as you and wreak havoc. This can include applying for loans under your name or anything really. Recovering from identity theft can be brutally hard to accomplish and this crime destroys lives every year.
If you’re the type of person who uses the same username and password combination across different sites and services, data breaches also put you at special risk. It means that it only takes one breach to expose your entire online life!
How Does Firefox Monitor Know I’m Compromised?
Firefox Monitor uses the same sources of information as Have I Been Pwned. While the contents of data breaches are released to the public in various ways, the most common source of this information comes from the Dark Web.
The Dark Web is a part of the web that can’t be accessed by normal means. The typical Dark Web site exists as a so-called “Onion” site. It has to be accessed through an encrypted network of anonymous computers. It’s in this hidden part of the web where you will find black markets that sell a whole range of illegal items, both physical and digital.
Hackers who steal and crack data collected during data breaches sell and distribute that information in darknet markets. Once those databases are out in the open market, sites like Have I Been Pwned collect that information and makes it searchable.
How Can I Use Firefox Monitor To Protect Myself?
There are two main ways in which you can use Firefox Monitor to help improve your login security. The first is to access the Firefox Monitor directly from the main menu of your Firefox Browser. Simply sign in with your Firefox account and you’ll be taken to the Firefox Monitor Dashboard.
The second way is to access the site through any browser. You don’t actually have to be a Firefox user to benefit from the monitor. You can then register email addresses which will be monitored for inclusion in breaches. As soon as your email address comes up in a breach, you’ll receive an email alert letting you know about it.
Good Security Habits That Protect Against Data Breaches
You have no control over whether you’re caught up in a data breach or not. Ultimately, it’s in the hands of the company or site owner that you’ve handed your data to. There is no such thing as a perfect security system and it’s inevitable that at least one of your logins will be compromised at some point.
While you can’t stop that from happening, you can lessen the impact of a data breach. The most important step to take is to ensure that every one of your passwords are unique. The main reason that breaches do so much damage is that people tend to reuse passwords. Hackers know this, so they’ll try to use the password on other websites you’re likely to have accounts with.
Apart from having unique passwords, you should use strong passwords. The most effective way to do this is by letting a password manager generate passwords for you and keep them on file.
Crucially, enable two-factor authentication (2FA) wherever it’s offered. 2FA ensures that even if both your email and password are compromised, that’s still not enough to access your account.
What to Do After a Data Breach
If you’re unlucky enough to be caught in a data breach, you should select the “resolve this breach” button in Firefox monitor and check exactly what types of data have been compromised. Some data you can’t change, for example if your date of birth has been leaked, you obviously can’t change it.
However, wherever possible you should change any compromised information. That means usernames, passwords and credit card numbers at the very least.
It’s important to be vigilant not only about potential access to your accounts, but other ways your information can be used against you. You may be targeted for spear phishing, which is a type of attack where your personal info is used to fool you.
The attacker may pose as someone you know and trick you into giving away access to your bank account or have you pay money over into their account. You may also be targeted as a way to get into the information of the company you work for or some other indirect target accessible through your connections.
When you’ve been part of a data breach where personal information has been stolen, you should also look out for signs of identity theft, such as notifications that credit applications have been filed in your name.
Don’t Panic
That’s how the information provided by Firefox Monitor can protect your login details and help you prevent damage from private data that’s already been lost in old breaches. It can be scary to receive an email telling you that your information has been compromised, but the most important thing to do is avoid panic.
Look through the details of the breach carefully and systematically, then decide what specific countermeasures are right for the types of information that have been stolen. With a few key steps, as outlined above, you’re most likely going to be just fine.