Firefox 62 comes with Firefox Monitor that notifies if you've been pwned
Data breaches are a common occurrence in the digital world we live in and many users often find their accounts compromised when large data breaches occur. Firefox aims to provide a way for users to understand whether their accounts have been found in compromised databases or not by bundling the Firefox Monitor add-on in Firefox 62.
Recently, Mozilla ran a Shield Study in the United States with about 250,000 users to gauge user experience and engagement with Firefox Monitor. Firefox Monitor relies on the HaveIBeenPwned.com backend created by renowned security expert Troy Hunt. The service is a database of all email accounts that have been compromised in data breaches. Mozilla says that users' email addresses entered into Firefox Monitor will be handled in an anonymized manner.
So what's special about this add-on when you can directly visit HaveIBeenPwned.com from just about any browser? Well, apart from querying data from the backend, Firefox Monitor lets users sign up for alerts if their email address eventually appears in a newly compromised database. The add-on will also display a notification if the user visits any of the breached sites indexed by HaveIBeenPwned.com.
The initial rollout of the add-on will be restricted to about 0.5% of EN-US users on September 5 and will gradually rollout to 100% of EN-US users on September 25. If there are any issues with the rollout, the service will be made available only via the Firefox Monitor website. Those who wish to disable Firefox Monitor altogether can do so by going to about:config?filter=extensions.fxmonitor.enabled and setting the preference to False. Do note that this flag will only be available in Firefox 62 onwards; even the latest Nightly builds do not have this flag yet.
While HaveIBeenPwned.com maintains a highly comprehensive database, new entries with respect to latest breaches might still take time to get enlisted. Therefore, the usual advice of being careful online still applies.