Mozilla has added a new feature to Firefox to alert users when they visit a website that has been part of a data breach in the past.
Earlier this year, the Internet organization launched Firefox Monitor, a service to inform users if their accounts have been part of data breaches. Enjoying support for Cloudflare, the service uses data from Troy Hunt’s Have I Been Pwned (HIBP) website to keep track of compromised accounts.
The newly announced Firefox alert is the latest improvement Mozilla brings to Firefox Monitor and takes advantage of the very same HIBP data to warn users of breached websites.
“To help users who might have otherwise missed breach news or email alerts, we are integrating alerts into Firefox that will notify users when they visit a site that has been breached in the past. This feature integrates notifications into the user’s browsing experience,” Mozilla’s Luke Crouch explains.
What users should keep in mind when receiving these alerts, however, is the fact that neither HIBP nor Mozilla know if they changed their passwords after a breach or if they reused the same passwords on another account.
“So we do not know whether an individual user is still at risk, and cannot trigger user-specific alerts,” Crouch points out.
Initially, Firefox will display the alert if the user has never seen such a warning before, but only for breached sites that have been added to HIBP within the last 12 months. After that, the alert will be displayed to the user if they visit a breached site that has been added to HIBP within the last 2 months.
The 12-month and 2-month policy, Mozilla believes, involves reasonable timeframes to inform users on password-reuse and unchanged-password risks.
“A longer alert timeframe would help us ensure we make even more users aware of the password-reuse risk. However, we don’t want to alarm users or to create noise by triggering alerts for sites that have long since taken significant steps to protect their users. That noise could decrease the value and usability of an important security feature,” Crouch says.
The initial approach is meant to bring attention, awareness, and information to users, as well as to begin receiving feedback from them.
Moving forth, however, Mozilla plans on implementing a more sophisticated alert policy, and says it would work together with users, partners, and service operators for that. Such a policy would be based on “stronger signals of individual user risk, and website mitigations.”
Related: Credential Stuffing Attacks Are Reaching DDoS Proportions

More from Ionut Arghire
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Atlassian Warns of Critical Jira Service Management Vulnerability
- Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
- Google Shells Out $600,000 for OSS-Fuzz Project Integrations
- F5 BIG-IP Vulnerability Can Lead to DoS, Code Execution
- Flaw in Cisco Industrial Appliances Allows Malicious Code to Persist Across Reboots
- HeadCrab Botnet Ensnares 1,200 Redis Servers for Cryptomining
- Malicious NPM, PyPI Packages Stealing User Information
Latest News
- Fraudulent “CryptoRom” Apps Slip Through Apple and Google App Store Review Process
- US Downs Chinese Balloon Off Carolina Coast
- Microsoft: Iran Unit Behind Charlie Hebdo Hack-and-Leak Op
- Feds Say Cyberattack Caused Suicide Helpline’s Outage
- Big China Spy Balloon Moving East Over US, Pentagon Says
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Cyber Insights 2023: Venture Capital
- Atlassian Warns of Critical Jira Service Management Vulnerability
