Mozilla with “Have I Been Pwned” on a data breach notification feature for Firefox.
Mozilla has collaborated with the website “Have I Been Pwned (HIBP)” to notify its browser’s users when they visit a website that has been data breached in the past.
For those people who are unaware, HIPB is a popular data breach notification website which allows people to check if their confidential data (login, email id or password) have been hacked or not.
What is “Have I Been Pwned”?
HIPB is a free resource for anyone to quickly assess if they may have been put at risk due to an online account of their having been compromised or “pwned” in a data breach. This site came about after what was, at the time, the largest ever single breach of customer accounts.
Similar to “this site may be hacked” warning that Google search shows for a compromised website, the new feature dubbed ‘Breach Alerts’ for Firefox will pop up notifications if a user’s credentials have been involved in a recent data breach.
Data breach is the concept in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property.
Recent data breach in 2k17
On, January 8, 2017, ESEA, one of the largest video gaming communities, issued a warning to players after discovering a breach. At the time, it wasn’t known what was stolen and how many people were affected. However, in January, Leaked Source revealed that 1,503,707 ESEA records had been added to its database and that leaked records included a great deal of private information: registration date, city, state, last login, username, first and last name, bcrypt hash, email address, date of birth, zip code, phone number, website URL, Steam ID, Xbox ID, and PSN ID.
It will help users to opt the service and learn more about it that notifies them (e.g. via email) when they may be affected by breaches in the future.”
Firefox is looking at a few different models for how this might work the main takeaway at present is that there’s an intent to surface data about one’s exposure directly within the browser.
Firefox is just looking at which sites have been breached and we’re discussing other ways of using the data in the future. They’ve got a broad reach and surfacing this info via Firefox is a great way to get more exposure to data breaches.
The new feature is available as an add-on code on GitHub, which can be compiled by anyone and imported into Firefox. Currently, only Firefox Developer Edition is supported.