Mozilla has created a new security tool for Firefox that warns users for stolen or hacked accounts. The tool is called Firefox Monitor and makes use of data provided by Have I Been Pwned, a search engine that allows users to check whether their data is in 5 billion stolen records coming from hacked websites.
According to Mozilla there is a strong increase in data leaks and therefore the organization has decided to develop Firefox Monitor, so users can easily check whether their data has been stolen. To check whether their account is listed in data obtained in hacks, users have to enter their email address in Firefox Monitor. Mozilla stresses that privacy is very important to them and that the email address is never shared with third parties.
Mozilla also doesn't sent the entire email address to Have I Been Pwned. When a user enter his email address, Firefox Monitor creates an irreversible hash and only sends the first six characters to Have I Been Pwned. Based on these characters the Have I Been Pwned service is able to determine whether the email address was ever part of a data leak and sends back results to Firefox Monitor.
Firefox Monitor is currently still in a beta stage. Next week 250,000 Firefox users, mainly in the United States, will be invited to test the feature. Once Mozilla is happy with the test results, the service will become available to all Firefox users.
