James Pearson

April 3, 2021

Firefox Monitor

Firefox Monitor is a useful tool for detecting and keeping track of data breaches. Have your details been compromised by hackers?


This blog post will show you how Firefox Monitor can be used to check for historical breaches (dating back to 2007) and how it can be used as a warning system for future ones.

Firefox Monitor
was officially released on September 25, 2018 after going through various refinements since June of the same year. The service is a partnership with Have I Been Pwned? (HIBP), an established grandmaster of data breech detection. Have I Been Pwned? provides the data with which the service checks for potential breaches, past and present. Troy Hunt, the security expert behind Have I Been Pwned?, explains why he partnered with Mozilla (Firefox Monitor) in his blog post "We're Baking Have I Been Pwned into Firefox and 1Password" TroyHunt.com (26 June, 2018). In brief, the hope is that with Firefox's "install base of hundreds of millions of people" the service can offer protection to a greater number of people.

So how does this all work? It's simple - the user can insert an email address and run a search to check for any data breaches since 2007 that may have compromised that email login. If you have a Firefox account you can also sign up to'breach alerts' for multiple email accounts so that you receive real time warnings once a breach is declared. The breach warnings provide information on what data may have been compromised: for example password and bank account details. Armed with this knowledge you have a head-start on the hackers - to change your personal details to prevent your data being abused.

It is also possible to view the complete list of data breaches by company - so if you're curious you can search the data and see who, when and what was compromised. Firefox Monitor also provides security tips and information about hacking, how to mitigate the threat and what to do after a data breach. All in all Firefox Monitor is a great tool for protecting your data and identity online.

If you are interested to know more on how Firefox Monitor came about and where its future may be heading we would highly recommend reading Matt Grimes' blog post "The Road to Firefox Monitor" Medium (September 25, 2018). 

My Bit-By-Bit guide to using Firefox Monitor follows…


The Firefox Mozilla service can be accessed by a desktop or mobile device at https://monitor.firefox.com. If you are using the Firefox browser and logged into your Firefox account then you click on your profile picture in top right hand corner of the browser to access Firefox Monitor under the list of Firefox Services.

Not Signed In

Firefox Monitor
provides a lot of functionality even if you do not sign-up/sign-in to a Firefox account.

The 'home' window when not logged in.

  • Enter your email address into the Enter Email Address field and click on the Check for Breaches button to see which, if any, of your accounts have been breached. If an account has been breached then you will see a summary of the breach.

The 'breach summary' window.

The breach summary will include details of the service that was breached, when this occurred and what type of data that was compromised.

The 'latest breach' window with links to security tips.

If we return to the Firefox Monitor home page there is also a section that shows the most recent breach and displays links to guidance and tips on improving your overall online security. Clicking on any of the guidance links will take you to the Security Tips page.

The 'Security Tips' window.

  • Click on the individual links for guidance on creating strong passwords, using password managers, what to do after a data breach and the steps you can take to protect your online identity.

The 'Breaches' window.

If you click on the Breaches link at the top you will be able to search the full database of known breaches dating back to 2007. You can search for a specific service / company here and see if they have been compromised. Information includes: when the breach occurred and what data was stolen.

Signed In

Signing in to a Firefox account enables you to sign up for alerts to get notified of any future breaches. It’s a really useful feature which could be the different between having your account hacked or not.
The 'Sign up' window.

You can sign in at the top right of the screen, or if you are on the home page there is also a sign in link at the bottom as well as a Sign up for Alerts button to sign up for a Firefox account if you do not currently have one.

The 'Breach Summary' report on the home page when signed in.

Once signed in, the Firefox Monitor home page will change to display a personalised breach summary. The breach summary will list how many email addresses are being monitored(you can monitor as many email addresses as you like), how many data breaches have occurred and if you have marked these as resolved or not. You can manually mark a data breached as resolved if you feel you have taken the recommended steps to mitigate the breach, for example changing your password.

The 'Email Addresses' window.

So how do you add different email addresses to your monitor list?

  • Click on the Manage Email Addresses button near the top of the Email Addresses section.

The 'Breach Alert Notifications' window.

When an account is compromised the affected email address will receive the email alert. Under the Breach Alert Notifications heading you can change this, so that all alerts come to the designated primary email address instead. The default primary email address will be the one associated with your Firefox account, however, this can be changed by clicking on the Change Primary Email Address link. This page is also where you can delete any monitored email addresses you have added - simply click on the bin icon next to the email you wish to stop tracking.

A detailed breach report.

If you click on one of the data breach tiles listed you will see a more detailed account of the breach. In the case above you can see that the data that was compromised included the IP address, phone number, email address, date of birth, the address of the user and other additional information. At the bottom of this analysis you can choose wether or not to mark the breach as resolved.

The resolved breach option.

Once you feel that you have taken the necessary steps to protect your identity after a breach, for example changing your password, then you can manually mark the breach as resolved and this will be updated on the home page.