You computer and Firefox install probably did not get hacked.

A likely situation is a website account using the same email and password combo as your Firefox Account got compromised and this combo was used on a a variety of sites to see if it works whether automated or manually. So if you use the same email and password combo on multiple sites then one of them may have been data breached.

Then perhaps the person logged in you Firefox account with that email/password combo and got your Firefox sync information to get the passwords and such that was synced. Who's to say even if you pay the ransom that he or they would not publish any information they got anywhere anyways.

You can check to see if any of your emails was part of a online site data breach at https://monitor.firefox.com/ https://support.mozilla.org/en-US/kb/firefox-monitor https://support.mozilla.org/en-US/kb/firefox-monitor-faq

Also "Mozilla plugin" is rather vague, more so when people misuse the word Plugin when they really mean something else like Extensions, themes, search engines etc.

as for the https://identity.mozilla.com/apps/oldsync this shows it is related to Firefox sync. https://github.com/mozilla/fxa-auth-server/blob/master/fxa-oauth-server/docs/scopes.md

But he took screenshot of my computer

You did the right thing by changing your passwords.

If you want to report a malicious add-on that was used to spy on you, you can do that on the Mozilla Add-ons site or when you remove the extension, there will be an option to Report the add-on to Mozilla.

Otherwise, I'm not sure what information Mozilla could provide to you, or you could provide to Mozilla, at this point. ??

For general cleanup purposes, see: Troubleshoot Firefox issues caused by malware.