5 Million Google Accounts Reported Compromised, Was Your Account In The List? Here’s How To Tell, Protect Yourself
Nearly, 5 million Gmail accounts is reported compromised. Was your Gmail account (aka Google Account) in the list? Was your account hacked? Here’s how to find out if your Gmail account is safe. Also, what steps you should take to protect your account.
Earlier, on Wednesday, a report published on a Russian news website. The report claimed that around 5 million (exactly 4929090) Gmail accounts were compromised. The data of all Gmail usernames and passwords were published to a Russian Bitcoin forum. The poster, tvskit, claimed that 60% of the accounts are valid and the passwords are working. As the news spread, the forum administrators removed the passwords and left only the Gmail usernames in the text file. Later, Google denied of any compromise of its systems. Thus many theories started to emerge. One of the speculation made after the huge leak of Gmail accounts was a phishing attack. But the other theory seemed much more practical. The bad habit of using same account credentials on different websites.
Even when we see so many websites getting hacked, using the same account credentials across different services is a dumb idea. Still, some people don’t learn. You will find a lot of people, which may include your friends or family members, still uses the same username and password across different online services. Cyber-crooks may use the compromised database of another website to find usernames associated with Google’s Gmail service. They can then use the compromised data and try to login into your Google account. If the password, which they got from the other website is same they can login into your Google account without any problem.
After the news spread about the leak has come out its obvious that most users have changed their passwords. Also, it’s very likely that some of the accounts may be suspended or outdated. So, not all accounts that are in that database are vulnerable. Still, if your email address was in the list, you should follow the guidance at the end of this post. These guidelines are simple to follow. If you follow them, which you definitely should follow, will help protect your account.
How to check if my Gmail account is safe?
Now that everything is in the public, you may want to check if your Gmail account is in the leak. You can visit Google Account Breach Checker created by Dashlane to find out if your Gmail account is safe or compromised.
Enter your email address and click on the “Check” button. The page will then show you if your Gmail email address was in the leak or it is safe.
What steps should I take to strengthen the security of my Gmail account (aka Google account)?
If your account is in that list you should follow some of the tips shared below to strengthen the security of your account. These tips are good even if your email address is safe. Following them will help you strengthen the security of your Gmail account. We have also published lot of posts in the past with tips to make your online accounts safe. Some posts helps you take steps to protect yourself. They guides you on securing your account if it’s compromised.
First of all you should immediately change your Google account password (if your account is in the leaked list). Visit this page directly to change your password.
No matter if your Google account was in the list or not, you should follow the tips below to protect your account
You should turn on 2-step verification (aka two-factor authentication or two-factor authorization) on your Google account. Visit https://www.google.com/settings/security to enable 2-step verification for your Google account. Setting up 2-step verification is quick and easy. It’s free and makes compromising your account almost impossible. It hardens the security of your account tremendously. It’s the same page where you can change your Google account’s password and check on other security stuff.
If you have a smartphone, you can use Google Authenticator. No smartphone? You can use the option of getting 2-step verification via SMS (text message) or voice call.
If you have a bad habit of using the same username and password across every other websites, you should definitely think about getting yourself a password manager. A lot of great password managers are available and most of them lets you use them for free. You can use good password managers like LastPass, Dashlane, Sticky Password, KeePass, 1Password, RoboForm etc.
You should also check out the official Google Security Checklist for more tips to protect your account.