Mozilla plans to add breach warnings to Firefox

Martin Brinkmann
Nov 23, 2017
Updated • Nov 23, 2017

Mozilla plans to add warning notifications to the Firefox browser when users visit websites that were hacked in the past.

Hacked web services and sites are a common occurrence on the Internet, and while hackers may have different goals when it comes to hacks, one lucrative target is a site's user database.

The Yahoo hack for instance put 3 billion user records in the hand of the hackers. In 2017, hacks managed to dump Equifax's database with 143 million customer records, and an Uber database with 57 million records.

While some companies have laws in place that require that companies disclose hacks, others don't. The reaction to hacks by companies is not identical, as there is no guideline to follow.

Users should be notified about breaches so that they can react to the news. Services like Have I been pwned have been created to make things easier for users. They maintain a database of hacked usernames / email addresses, and return to users whether these were leaked in hacks in the past.

These sites rely on getting access to the hacked data to add the information to the database.

Mozilla plans to add support for the Have I Been pwned database to Firefox.

firefox breach notifications

The main idea is to inform Firefox users of hacked sites when they visit these sites. The feature is currently in prototype stage and not yet implemented in Firefox.

The current iteration displays a prompt under the Firefox address bar when a previously hacked site is accessed in Firefox.

The prompt informs you that the site was hacked in the past, and provides an option to enter an email address or user name to check whether user data fell into the hands of the hackers.

You can follow development of the add-on on GitHub.

Closing Words

It is a good idea to add hack alerts to the Firefox web browser. While part of Firefox's userbase will get the information directly through affected email accounts or by reading news sites, others may not, and that is the target audience for the feature.

Mozilla should consider adding options to disable the feature entirely; while it appears that the alert is shown only once, it is of little benefit if an alert is displayed if the hack happened years ago.

The effectiveness of the feature depends entirely on the Have I Been Pwned database. The database depends on user dumps becoming available publicly, or being forwarded to the service privately.

It should be clear that this won't inform you about 100% of all data breaches. It would make sense for Mozilla to maintain a list of hacked sites even if the user database has not been made available yet. It is better to inform users about the hack as they may then react to it quickly.

All in all, this is an interesting feature if implemented correctly.

Now You: What's your take on this?

Mozilla plans to add breach warnings to Firefox
Article Name
Mozilla plans to add breach warnings to Firefox
Mozilla plans to add warning notifications to the Firefox browser when users visit websites that were hacked in the past.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


  1. Stefan said on November 24, 2017 at 5:53 am

    Firefox will soon block “unwanted” sites (political speech). No matter You think they are legitimate or not. Yes, true censorship by big brother….. Drop future Firefox or stay with what You have, as i will !

    1. Joe K. said on November 27, 2017 at 9:41 pm

      Pure nonsense. It’s fine to not like the direction Mozilla is taking Firefox, but straight up making things up is ridiculous and completely undermines whatever point you are attempting to make.

    2. SEO Mafia said on November 27, 2017 at 12:53 am

      52 ESR

  2. RayMann said on November 24, 2017 at 2:26 am

    This is clearly a step in the right direction. I hope this will save me some time from doing my own research.. Besides the obvious, what’s also worried me is that it’s all to easy for site owners/managers to anonymously fake a hack of their own site/systems (an inside job), and thus exploit the users in various ways. And if and when they get caught, they can just apologize and play the victim (plausible deniability). I have no idea how much that happens, but I’m sure it does and I doubt they have ever got caught.. Perhaps the next big cybersecurity news story?

    Personally, what I would also like is something that would block all homegrown sites running on WordPress; especially those that use sketchy plug-ins that are often not updated much, if at all.

  3. George said on November 24, 2017 at 12:48 am

    I’d really like to know whether Firefox will also display a breach warning if a Mozilla-related website gets hacked.

  4. KeZa said on November 23, 2017 at 6:51 pm

    The Fox Hunt – Firefox and friends compared

  5. Clairvaux said on November 23, 2017 at 6:46 pm

    I’m a regular reader of Troy Hunt’s site, the author of Have I been pwned, and managing those hacks is a delicate business. There’s a fine line to walk between neglecting the issue completely, uselessly alarming people, and giving users the way to fight back without helping hackers or breaching privacy. Troy Hunt takes great care to explain the how’s and why’s, and you need to absorb that before getting head-on into his database.

    Let’s hope this add-on will find the right balance. Just because one site was hacked some time ago does not mean you should write it off for ever. Many parts of the Web would be off-limits if one followed such a rule.

    There are too many cases of security theater doing more bad than good these days.

  6. Kubrick said on November 23, 2017 at 5:13 pm

    why would these sites not simply be included in the google safe browsing API which firefox uses.?
    this is pointless.

    1. Anonymous said on November 23, 2017 at 6:05 pm

      How about “because Google has nothing to do with this research” ?

      1. Anonymous said on November 26, 2017 at 4:22 pm

        Stanley, it’s going to be hard to add anything to Google safe browsing services without involving Google you know ?

        Currently this research takes the form of an add-on, bringing up Safe browsing now makes double no sense. Saying something that makes no sense while pointing fingers and passing judgement is the essence of the internet, so thank you for this user experience.

      2. Kubrick said on November 23, 2017 at 7:55 pm

        what babble.
        Your useless response has nothing to do with this research.

  7. xxx said on November 23, 2017 at 4:16 pm

    Getting bloated and bloated.

    1. Anonymous said on November 23, 2017 at 6:03 pm

      Good thing an add-on then.

    2. anon said on November 23, 2017 at 5:05 pm

      Meaningless word at this point.

      1. SEO Mafia said on November 27, 2017 at 12:50 am

        but it is !

  8. Richard Allen said on November 23, 2017 at 2:38 pm

    I think it’s a worthwhile idea and I agree that some settings should be available to maybe adjust how many times a warning is repeated and how far back in time it goes. Most of the people that I know don’t have a clue about many of the sites that have been hacked.

    Heck, what they should also do is at the same time inform people of sites that have distributed malware which will in turn put pressure on publishers and ad networks for needed changes in the ad ecosystem. Sadly, too many companies and corporations will not change until they are shamed into doing so and/or they lose revenue. Just my opinion.

    1. gh said on March 22, 2018 at 9:44 pm

      Warning is one thing ~~ honeypotting, by displaying “enter your email address and/or username” is another. I strenuously object to the latter.

  9. TelV said on November 23, 2017 at 1:47 pm

    Generally speaking I think companies and institutions which have experienced a data breach whereby email accounts have been stolen usually advise registered users to change both username and password. So what Mozilla is proposing to do is largely superfluous.

    Hopefully Moz will provide a means of disabling it otherwise it’s going to become yet another irritating popup.

  10. Sophie said on November 23, 2017 at 11:03 am



    1. SEO Mafia said on November 27, 2017 at 12:49 am

      It is a fine skin for Firefox. I have it in back-up !!

    2. Clairvaux said on November 23, 2017 at 6:34 pm

      I did not get it either. Not a word of it.

  11. Foxdie was Best said on November 23, 2017 at 8:01 am

    Mozilla plans to fill firefox’s closet up with things to make it go faster (I remember the programmers told me that) This must explain the tripple expanding foam straws shoved into the electrical extentions plugs and sockets. At least no adobe AIR or Bloated Addon will be able to escape now. So suck in your last breaths.
    I Liked Junk in the trunk all the way back at firefox 3.x, it’s why I got a palemoon with classic extensions and userscripts. It feels like flying a hot air balloon using the operating controls of a fork-lift. Maybe it’s dangerous even but I hope not. I watch the 3am lear jet flights so I know primary flight controls can be designed with much more refinement, It isn’t like I was asking for autopilot on long trips, but mozilla didn’t even give love to my aircraft’s paint job aka the theme “Foxdie and a UserChrome.css”

    Of couse my discourse again is tl;dr for any serious programmer of Mozilla, after all speed is of the essence. That’s why loading up a breech page is QUICKER than loading up a MALWARE page– However an old toothless crusty sysop told me when it’s too good to believe, just don’t peek under the PRIVACY hood too hard.

    OF course nothing will help against spider monkey

    1. SEO Mafia said on November 27, 2017 at 12:49 am

      I remember foxdie, was it 7.0.1 or later? Best GUI ever !!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.