Firefox monitor displaying false information
Hey guys
Really love all the work Mozilla do and all you stand for, been inspirational throughout the years. My company holds big SEO conferences in Vegas and London each year under the brand UnGagged.com with a 10 million person forum, based on an idea from a chance meeting with Blake Ross circa 2005 in London UK.
Anyway - one of our forums https://www.blackhatworld.com/ has been incorrectly identified as having a data breach on the new Firefox Monitor see attached. I believe this is due to the false data found on https://haveibeenpwned.com/ which we have reached out to the founder Troy Hunt a number of years ago who has been unable to confirm the data breach or even an email address of a member at a specific point under the understandable guise of "data protection". We ask that our sites https://www.blackhatworld.com/ have this false positive removed from the Monitor tool and we are allowed to know if any other data source was used to incorrectly identify us.
Many Thanks Damien Trevatt CEO - DotCom Consultancy Ltd.
由DotComDamien于修改
被采纳的解决方案
According to HIBP, that website was hacked. If the website owner disagrees, than they can contact HIBP. However, HIBP doesn't put websites in that database without good cause, so I imagine that there is a reason that website is listed.
If you really are the website owner, it's possible you want to avoid any potential embarrassment, but the risk to users is not worth potential risk to the website reputation, so please just coordinate with your IT team to improve security and work with HIBP to verify the hack.
定位到答案原位置 👍 0所有回复 (8)
Thanks for the feedback, however, the data Firefox Monitor uses is provided by haveibeenpwned, so you should coordinate with them about removing it.
Thanks Tyler - as mentioned I've been onto "have I been pwned" and their owner Troy Hunt - they have no interest in correcting their data - shame to see Mozilla using faked data to build an interesting product.
由DotComDamien于修改
选择的解决方案
According to HIBP, that website was hacked. If the website owner disagrees, than they can contact HIBP. However, HIBP doesn't put websites in that database without good cause, so I imagine that there is a reason that website is listed.
If you really are the website owner, it's possible you want to avoid any potential embarrassment, but the risk to users is not worth potential risk to the website reputation, so please just coordinate with your IT team to improve security and work with HIBP to verify the hack.
OK you're passing the buck - back to HIBP we go.
由DotComDamien于修改
Firefox monitor IS indeed displaying wrong information. I ran a search on https://monitor.firefox.com and the results are showing sites I don't even have an account in. What gives?
Please start your own question, but monitor doesn't just show sites you had an account on, but potentially sites where your information was stored without your knowledge
It would be the responsibility of Firefox monitor to verify the validity of that information. When the data you’re basing a tool on is floored, the tool is, by association, floored.
Locking as the original question has been answered.