Mozilla has added a data breach notification to Firefox that warns the browser's users when their email address and credentials may have been obtained by hackers.
Dubbed Firefox Monitor, the free breach notification service debuted in September after some testing during the summer. Anyone -- not only Firefox users -- can steer to the service website, enter an email address and be told if that address was among those involved in successful, publicly-known breach attacks. Next steps were up to the user, including the obvious of changing the password(s) connected to that email address and/or website(s).
Notifications of the latest breaches were sent by Firefox Monitor to the user-submitted address. "Your email address will be scanned against those data breaches, and we'll let you know through a private email if you were involved," wrote Nick Nguyen, Mozilla's vice president of product strategy, in a Sept. 25 post to a company blog.
Mozilla's latest move brings a Monitor warning within Firefox.
"We are adding a notification to our Firefox Quantum browser that alerts desktop users when they visit a site that has had a recently reported data breach," Nguyen said in a Nov. 14 post.
Users will need to visit the Firefox Monitor site to see whether their email address was one of those exposed in the breach: The alert doesn't mean that the site's breach definitely affected the user. The in-browser alert leads users to the Monitor website.
Each hacked site will produce only one alert, so users won't be bombarded if they return, and only breaches within the last 12 months will generate a warning inside Firefox. Mozilla will gradually enable the Monitor notification feature within Firefox, according to Nguyen, who gave no timetable for completing that process. The next version, Firefox 64, is set to launch Dec. 11.
Advice and other tips on how to handle a breach can be found at Data Leeks, an odd recipe/data leak site maintained by Mozilla.