Firefox have teamed up with "Have I Been Pwned" to offer a service that allows you to check your email address against a database that serves as a library of data breaches. It will let you know if your email address and/or personal info was involved in a publicly known past data breach. Once you know where your email address was compromised you should at the very least change that system password and any other place where you’ve used that password.
This guide shows you how to check if your details have been compromised.
Firefox Monitor Check
Go to Firefox Monitor at https://monitor.firefox.com/
Enter your email address then click Scan - This will check your email against a list of known data breaches
If you use the same email address across many different websites, there is a high chance one of those websites have been compomised, if it has Firefox Monitor will return a message similar to the examples below showing the site and what was compromised, review each compromised data and look carefully for password compromises such as the well known Dropbox and LinkedIn compromises back in 2012.
If your email address/password was compromised you should at the very least change your password and any other place where you’ve used that password
I would recommend signing up for free to Firefox monitor which will monitor your email should it appear on any of the dark web databases.
Best Practice Recommendations for passwords
Use a Different Password for Every Account - Realistically this can only be achievable by using a password manager
Create Strong Passwords - A password manager can automatically generate you unique complex passwords that it will remember
Use a Password Manager - The master password should be unique and only used here, keep this safe. Also use MFA.
Use Multi-Factor Authentication - Strongly recommended on important sites to use where available using an app such as Google Authenticator
Sign Up for Alerts From Firefox Monitor - Sign up each of your email addresses, this will notify you if your email has been identified to have been compromised
Create an additional email address - I personally use another email address for web sites where i do not want to register with my good email address but where an email address is required for sign up, also if this address was compromised it wouldnt be too much hassle to close the email account and setup another account.