Firefox Alerted Me of Data Breachs.. What Do I Do?

Golden said:

And if that has been compromised, then so has the password

No. Possibly it has.
Most passwords were encrypted, stored separately and any 'plain text' issues were normally internal to the databases (which is being addressed now).
It is scaremongering to assume that every compromised email address also has a compromised password, do your research properly.

Infrasonic said:

No. Possibly it has.
Most passwords were encrypted, stored separately and any 'plain text' issues were normally internal to the databases (which is being addressed now).
It is scaremongering to assume that every compromised email address also has a compromised password, do your research properly.

Scaremongering? The best advice out there says if an account is compromised, the safest course of action is to immediately change the passwords for those accounts. You would have us believe otherwise?

Golden said:

Scaremongering? The best advice out there says if an account is compromised, the safest course of action is to immediately change the passwords for those accounts. You would have us believe otherwise?

Try actually researching how password breaches occur, rather than making assumptions. I've spent a few hundred hours researching that and general email security, I suggest you do the same, then come back with your 'informed' opinion.

There are compromised passwords floating about out there on the dark web, however it is a small percentage in comparison to the number of email addresses in the public domain that have been compromised. The reasons for that are obvious. Email addresses exist on far more databases than passwords do, historically addresses were often stored plain text, not encrypted et al (unlike the passwords).

margrave55 said:

This email message must surely not be the only spam you've ever received!That message cannot possible be from "firefox monitor". Firefox does not have your email address.

False. I sign in to Firefox with my email, and get these FULLY LEGIT warning emails when there has been breach.

Golden said:

You need to change the password for each site. Don't use the same password for all sites. You might find a password manager useful to allow you to easily manage multiple complex passwords. Have a look at Bitwarden.

Golden said:

And if that has been compromised, then so has the password

Correct. As soon as you suspect that your mail have been compromised, you should change the password.

Infrasonic said:

It is scaremongering to assume that every compromised email address also has a compromised password, do your research properly.

Incredibly stupid comment!

Golden said:

Scaremongering? The best advice out there says if an account is compromised, the safest course of action is to immediately change the passwords for those accounts. You would have us believe otherwise?

Yes. Absolutely, completely totally correct answer.

Infrasonic said:

Try actually researching how password breaches occur, rather than making assumptions. I've spent a few hundred hours researching that and general email security, I suggest you do the same, then come back with your 'informed' opinion.

It's a shame that your hundreds of hours of "research" has been for nothing. If an email address is compromised, the least a user can do is to change the password.

What an utterly, completely stupid inappropriate comment!

Kari

I completely agree with Kari.

Occam's razor - Wikipedia

Take action now.

yahanna said:

What about just delete my account on those sites? Those sites I dont use anyway. What do you think about that?

That might be a bit drastic if it is a legit site.

yahanna said:

What about just delete my account on those sites? Those sites I dont use anyway. What do you think about that?
.

If you no longer require them, then that is an option.

For any accounts you wish to keep, however, consider using a password manager (preferably with two-factor authentication) to avoid them being breached.