Once the service goes live in the coming weeks, Firefox users running version 62 and later will see an icon appear in the address bar when they visit a known breached website.
Clicking on this will reveal details of the specific breach supplied through Firefox’s integration with the Have I Been Pwned (HIBP) website, which Naked Security covered in September.
This will read something like:
More than x number of email accounts from example.domain were compromised in 2018. Check Firefox Monitor to see if yours is at risk.
Notice the alert won’t tell Firefox users that their personal account has been breached, only that they should check for themselves, offering them a link to do this.
The first time Firefox users see a breach alert for any website, it will relate to those added to the HIBP database in the preceding 12 months (the actual breach may have happened years earlier of course).
From there on, to avoid alert fatigue, the cut-off will be websites added within the preceding two months.
It will also be possible to turn alerts off completely by hitting ‘never show Firefox Monitor alerts’ on the notification drop-down box.