Have you heard of Mozilla’s Firefox Monitor, a free tool that you can use to see if your email address has been compromised in any data breaches? This tool is simple to use; learn more about it below! 

Mozilla partnered with Troy Hunt, who runs the “Have I Been Pwned?” website, to create this tool. Hunt provides access to a database that contains more than 5.5 billion email addresses that have been exposed through real-life data breaches. It is updated regularly.

This tool is free to anyone, and it allows you to see whether your email address has been compromised in any publicly known data breaches. If it has, you’ll be able to read details about that data breach, such as when it occurred and the types of personal data it exposed.

When you use the tool, your email address and privacy are protected by means of a data anonymization technique known as k-anonymity. Your email address is not saved unless you specifically allow it.

How to Use the Tool

Using Firefox Monitor is quick and easy. To find out whether your email address has been compromised, follow these three steps.

  1. Go to https://monitor.firefox.com/.
  2. Enter your email address.
  3. Click the “Scan” button.

Upon scanning the database, you will have the option to sign up for the free Firefox Monitor service. If you subscribe to this service, Mozilla will store your email address and check it against those exposed in any newly reported data breaches. They will notify you by email if it was compromised. As a reminder, if you just use the tool but do not subscribe to the service, Mozilla will not save your email.

What to Do If Your Email Has Been Breached

If Firefox Monitor reports that your email address has been compromised in a data breach, there are a few steps we recommend you take to protect yourself. Start with the following items, and contact your IT provider if you have additional concerns.

  • Change your password for the compromised account. Make sure it is strong and unique; don’t use the same password for multiple accounts.
  • Change your security questions and answers if you have them set up. Giving incorrect or nonsensical answers is best, as long as you remember the answers. If you do not feel comfortable doing this, be sure to select questions whose answers are not easily found on social media sites or through web searches.
  • Make sure you do not use the same email address and password combination for other accounts. If you have the same combinations, change those passwords and Q&As as well.
  • Consider using two-factor authentication, especially for financial accounts. Many websites now offer this feature.

Contact Cardinal Technology Solutions today if you have any questions about this tool or concerns about a compromised email account.