Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox Account May Have Been Compromised, How To Find Out More?

  • 2 majibu
  • 1 ana tatizo hili
  • 1 view
  • Last reply by ploomstarr

more options

I suspect my firefox account was compromised as I have found evidence of my email being tampered with and certain emails having been deleted and then deleted from my trash. I was able to use an email recovery addon to recover the emails.

I am currently investigating whether the breach was through my email or through firefox, as it is synced into my email. Unfortunately, gmail does not go back far enough to show any session activity beyond the last 10. I am trying to get in touch with somebody on that end to help me determine whether it was just my email.

I am reaching out here to ask if there is a way to see if there is a way to pull session activity on a firefox account. I checked security and found that only 3 devices had been signed onto my account, all of which were PCs/laptops that I owned. I signed out of all of the devices, relogged on my PC and changed my password and setup 2FA. There is a possibility of a fourth device having connected to my firefox but the suspect may have signed their device out.

My only other suspicion of any potential breach through firefox is one of my laptops that I had reformatted and gave away. Could someone have recovered my firefox login on that laptop and used that to sync into my firefox account and then gain access to my saved passwords and so on?

If that is the case, I can follow up on that and see who handled the laptop since it left my possession.

I appreciate any help in advance.

I suspect my firefox account was compromised as I have found evidence of my email being tampered with and certain emails having been deleted and then deleted from my trash. I was able to use an email recovery addon to recover the emails. I am currently investigating whether the breach was through my email or through firefox, as it is synced into my email. Unfortunately, gmail does not go back far enough to show any session activity beyond the last 10. I am trying to get in touch with somebody on that end to help me determine whether it was just my email. I am reaching out here to ask if there is a way to see if there is a way to pull session activity on a firefox account. I checked security and found that only 3 devices had been signed onto my account, all of which were PCs/laptops that I owned. I signed out of all of the devices, relogged on my PC and changed my password and setup 2FA. There is a possibility of a fourth device having connected to my firefox but the suspect may have signed their device out. My only other suspicion of any potential breach through firefox is one of my laptops that I had reformatted and gave away. Could someone have recovered my firefox login on that laptop and used that to sync into my firefox account and then gain access to my saved passwords and so on? If that is the case, I can follow up on that and see who handled the laptop since it left my possession. I appreciate any help in advance.

All Replies (2)

more options

Email service providers, as well as many other companies, these days will notify you when your account has been accessed from a different machine. Sometimes they will also send you a verfication code to use as an extra step for logging into your account.

So even if someone stole your password and then used it from a different machine, the server would take note and send you an FYI to your email account on record. And likely the note will say, If this was you logging into the account please disregard. If it wasnt you, then you need to log in from this machine and fix the security issues they found with your account.

So you question is, can FF be the culprit?

Imo, unless you downloaded FireFOx from www.comrades4america.ussr.gov , i would not think your FF has been compromised. However, if you installed other things on FF and or your operating system, then its possible Mr Comrade may have infiltrated your system.

At this time, you seem to be experiencing a stable FF while in safemode? Please give us an update.

more options

·´¯`·...¸>-)))º> ~dbben said

Email service providers, as well as many other companies, these days will notify you when your account has been accessed from a different machine. Sometimes they will also send you a verfication code to use as an extra step for logging into your account. So even if someone stole your password and then used it from a different machine, the server would take note and send you an FYI to your email account on record. And likely the note will say, If this was you logging into the account please disregard. If it wasnt you, then you need to log in from this machine and fix the security issues they found with your account. So you question is, can FF be the culprit? Imo, unless you downloaded FireFOx from www.comrades4america.ussr.gov , i would not think your FF has been compromised. However, if you installed other things on FF and or your operating system, then its possible Mr Comrade may have infiltrated your system. At this time, you seem to be experiencing a stable FF while in safemode? Please give us an update.

Thanks for the reply. I am aware that most places send you a notification about a login, especially from a new device/ip. However, I did not get any such email from google or FF about a login (on my outlook email) around the time of the tampering. I did, however, get notification emails from certain accounts confirming that a login attempt was made (these are the emails that were deleted from my inbox and deleted again from the trash folder).

I will check the email associated with my FF account to see if any notifications about a new login were deleted from the trash folder. Hopefully there is a way to do that.

I suppose that will help narrow down the list of potential scenarios. If my FF was logged into and I recover a deleted new login email, then that would be a place to start. I will update this thread as I explore.