The data leaked online includes not only the email addresses but also the passwords thought to be connected to those accounts. This breach could grant hackers access not just to email accounts, but to all the other services and logins that rely on Gmail for access or recovery.
While the data breach originally occurred in April of this year, it was recently flagged by the website Have I Been Pwned, which monitors data breaches to notify users. According to Troy Hunt, who runs the website, the data was compiled from a much larger hack aggregated from across the internet. Users can use his website to check if their emails and passwords are part of this—or any other tracked—data breach.
Recommended Security Steps
If your account has been compromised, or may have been, users are strongly advised to take two simple actions immediately:
Change your Gmail password to a new, strong, and unique one.
Set up Two-Factor Authentication (2FA).
Two-step authentication (or 2FA) adds an essential extra layer of security. This means that even if a hacker steals your password, they still wouldn’t be able to access your account without the second challenge (like a code sent to your phone). Google uses a variety of different second challenges, with its tools automatically selecting the method most likely to keep unauthorized users out. (With input from independent)
For more details: Navamalayalam.com
