- Mozilla's Firefox is teaming up with Troy Hunt's Have I Been Pwned to roll out a new data breach alert tool
- The partnership is the latest in a string of integration for the popular database
A new tool named Firefox Monitor will soon be introduced by Mozilla’s Firefox via a partnership with Have I Been Pwned to help alert users about data breaches.
Firefox Monitor will be launched on a trial basis with 250,000 Firefox users invited to try it. Based on the conclusions drawn from the trials, Firefox will continue developing the integration until the service is available by default to all Firefox users.
Integration with Have I Been Pwned will give Firefox browser an opportunity to enhance the security of its users.
Using the Firefox Monitor website, users can simply enter their account information to find out if their username and password has been previously compromised in a hack or leak. Mozilla is also dabbling with the idea of sending notifications to users about data breaches that include their personal data in the future.
“It is important that we not violate our users’ privacy expectations with respect to the handling of their email address. As such, we’ve worked closely with HIBP and Cloudflare to create a method of anonymized data sharing for Firefox Monitor, which never sends your full email address to a third party, outside of Mozilla,” Mozilla product manager Peter Dolanjski wrote in a blog post announcing the new feature.
Australian security researcher Troy Hunt’s Have I Been Pwned maintains a database of major breaches so people may know when their sensitive information - such as usernames, passwords, etc, have been compromised and stolen by cyber criminals. The site has a database of records from 289 hacked websites, including over 5.1 billion compromised accounts. “This is major because Firefox has an install base of hundreds of millions of people which significantly expands the audience that can be reached once this feature rolls out to the mainstream,” Hunt wrote in a blog post
However, Firefox isn’t Have I Been Pwned’s first integration.
The helpful security database has already been is integrated into a wide array of apps, including password managers 1Password and Okta. Several breached organizations, including law enforcement and other government agencies, are also increasingly pointing their users towards the site to stay aware of privacy and security incidents. Now, web browsers are following suit as well.
“As HIBP grows, I keep coming back to this question: ‘How can HIBP do good things for people in the wake of bad events?’ I'm really happy this initiative furthers that objective and does it in a way that puts privacy first,” Hunt said. “The leverage these two organisations have to drive positive outcomes in the wake of data breaches is massive and I'm enormously excited to see the impact they both make in partnership with HIBP.”