Find Out Whether You Are a Data Breach Victim in a Minute or Less

Mozilla has introduced Firefox Monitor, a free tool that you can use to see if your email address has been compromised in any data breaches. Discover how simple it is to use this tool.

Anyone can use this free tool to see whether their email address has been compromised in any publicly known data breaches. If so, details about that data breach are included, such as when it occurred and the types of personal data exposed.

Mozilla partnered with Troy Hunt, who runs the “Have I Been Pwned?” website, to create this tool. Hunt is providing the database against which entered email addresses are checked. The database contains more than 5.5 billion email addresses that have been exposed through real-life data breaches. It is updated regularly.

When you use the tool, your email address and privacy are protected by means of a data anonymization technique known as k-anonymity. Your email address is not saved unless you specifically allow it.


How to Use the Tool

Using Firefox Monitor is quick and easy. To find out whether your email address has been compromised, you just need to:

  1. Go to https://monitor.firefox.com/.
  2. Enter your email address.
  3. Click the “Scan” button.

You will then see the results. You have the option of signing up for the free Firefox Monitor service. If you subscribe to this service, Mozilla will check your email address against those exposed in any newly reported data breaches and will notify you by email if it was compromised. When you sign up for this service, Mozilla stores your email address. (If you just use the tool, Mozilla does not save it.)


What to Do If Your Email Has Been Breached

If Firefox Monitor reports that your email address has been compromised in a data breach, you should take steps to protect yourself. A good starting point is to:

  • Change your password for that account. Make sure it is strong and unique.
  • Change your security questions and answers (Q&As) if you set them. Giving incorrect or nonsensical answers is best. If you do not feel comfortable doing this, be sure to select questions whose answers are not easily found on social media sites or through web searches.
  • Make sure you did not use the same email address-password combination for other accounts. If you did, change those passwords and Q&As as well.
  • Consider using two-factor authentication, especially for financial accounts. Many websites now offer this feature.

Contact us if you have any questions or specific concerns.

Add a comment