Mozilla's browser integrates a new tool that lets you find out if your email address has been stolen by a hacker. Here's how
New security feature coming to Mozilla Firefox: future versions of the browser will integrate a tool called "Firefox Monitor Notification". This feature is already available on Firefox Quantum and will soon be extended to the standard browser, which will be able to send us alerts when we are browsing on a site that has been hacked in the past, resulting in the theft of personal data of registered users.
This tool, available in 26 languages (including Italian), has been developed together with "Have I Been Pwned?" (HIBP), a website that allows you to check if your email address has been stolen. HIPB, in practice, provides Mozilla with a constantly updated database of sites that have suffered theft of personal data of their registered users, so that Firefox can promptly warn us if we end up surfing on one of these sites. When we surf the web, in fact, very often we register to sites, fill out forms or communicate our email address and other data that are then stored. However, if the site to which we have communicated our data is violated by hackers, our data will also be stolen. HIBP is just a database containing all the stolen email addresses, on thousands and thousands of websites.
How does the Firefox service that warns us about "hacked" sites work
With the new Firefox tool it will show us a notification when we end up in one of these sites. It will be a single notification for each dangerous site and only if the site has been attacked at least once in the last 12 months. This way the user will be able to choose whether to continue browsing that site or not, without being flooded with pop up warning windows every time he reaches the site in question. Or they can also choose to have the Firefox tool analyze whether our address has been stolen (from this site or others), so they can change their password as soon as possible and avoid dangerous attacks.
If our email is on the HIBP list of stolen addresses we can also find out from which site and when it was stolen. Among the most blatant thefts of personal data from large websites that HIBP remembers are those against the sites of Adobe (October 2013, 153 million emails stolen), LinkedIn (May 2016, 164 million emails), Dailymotion (October 2016, 85 million) and Disqus (October 2017, 17.5 million).