In June, Mozilla launched a test of the new security application Firefox Monitor. This is to inform users of Firefox, if their e-mail address was compromised during a digital break-in. For this purpose, Mozilla has launched a cooperation with Troy Hunt and his service Have I been Pwned (HIBP).
Now Mozilla has announced due to a good test and positive response in the Mozilla blog that the innovation for all Firefox users will be unlocked. It aims to raise awareness of the threat posed by compromised e-mail addresses through a two-step process.
The first step checks whether an email address has already been compromised in the event of a break-in in the past. The query takes place on the Firefox Monitor website, which queries HIBP in the background. The service will find more widespread use of a Mozilla website than before.
Since it is impossible to keep track of the ever-increasing thefts of millions of records without regularly repeated searches, whether your own e-mail address was affected in one of these robberies, Mozilla offers in a second step, a notification function.
Here the user can register his e-mail addresses and will be informed in case of compromise. However, there are still problems, as one of us tested address was declared clean in the simple query, but minutes later after the registration by e-mail a warning came, the address has been compromised since February 2018.
Also a repetition of the procedure brought the same result, whereby also astonished that the same E-Mail address could be registered twice. How two contradictory results are possible when using the same database remains unclear for the time being.
Edit: According to Mozilla this behavior is wanted. Sensitive Breaches are only visible to registered users.
Submitted by: Arnfried Walbrecht