Change Your Gmail, Hotmail or YahooMail Password ASAP!
Yeah, you read that right! Here is why you you need to change your Gmail, Hotmail or YahooMail Password.
You need to change your password now if you use Gmail, Hotmail or YahooMail because like it or not, Russian hackers have stolen the data for over 263 million email passwords and have been caught selling them online. This is the largest security breach in two years, when the cyber-attack on US retailers and banks took place.
According to Hold Security a cache of more than 1.17 billion stolen online credentials has been discovered. The hackers had collected the data from a number of breached sources including Russia’s largest email service,Mail.ru.
Number of Jeopardized email accounts
The numbers of email accounts threatened by this breach of security are as follows:
- 53 million Mail.ru accounts
- 40 million Yahoo accounts
- 33 million Hotmail accounts
- 24 million Gmail accounts
These numbers seem quite staggering, so it’s better to be safe than sorry. There isn’t any evidence whether the email accounts that have been compromised belong to particular countries or not. So, unless some hard evidence surfaces, it would be better if you stayed at the safe end of the line.
The culprit is tracked down
The hacker was tracked by Hold Security, bragging about the stolen information in an online forum. And what will be difficult to believe is that the hacker even provided the company with the stolen information as proof, in return for likes on their social media pages. But yeah they did first ask for $1 to sell the information before caving in to praises and likes.
Is there a conflict of interest?
We know that the threat was recognized by a company specializing in providing cyber security and investigations, so how do we know that there isn’t a conflict of interest? It is definitely good business for the cyber security companies if the general public has an increasing fear of cyber attacks.
But let’s not jump to conclusions. We know for a fact that cybercrimes have been increasing at an unusual rate so why not be cautious and take every available precaution to save our digital lives?
A sigh of relief
You can breathe a sigh of relief because there are huge question marks over the credibility of this data. Why was the hacker trying to sell this large amount of data for just a dollar? Hold Security has also issued a statement regarding this:
“50 rubles is what the hacker wants for this incredibly large set of data,” stated Hold Security. “He can’t be serious; based on today’s exchange rate, it is less than one U.S. dollar. This greatly impacts the data’s credibility and value, similar to an expensive sports car being sold for pennies at auction.”
Some changes are in order
Even though the credibility of this cyber breach is in question, nonetheless it is important that you change your password and settings to make your account more secure –it is for your own good after all.
How to protect your Gmail account
So the threat has almost passed and you were probably not affected by the consequences because you had changed your password. But at times changing your password isn’t enough and won’t protect your account. If someone has guessed it or you forgot to log out from a computer, what do you do in such an event?
Opt for Gmail’s Two-step Verification System
Using the two-step verification of Gmail provides you with a second line of defense in case of an account invasion. If someone has your password and tries to log in to your account, they won’t be able to unless they pass the second step of verification (basically, they would need your password and your phone). Here is how it works:
- Gmail sends you a text message with a code when you sign in using your email address and password. You can then enter the code that you received to access your account.
- Or you can use a backup code that you previously generated to access your account. It works the same way as the code that you get through text messages. Just remember that each backup code can only be used once. To keep track of your used and unused codes (10 codes are generated at a time), select the option to mark it as used.
If you want to generate your own set of backup codes, sign in here, and then look for the ‘printable backup codes’ area. And if you want to know more about using codes for signing in to your Gmail account, here’s how you can do it.
Don’t check the ‘Don’t ask again on this computer’ box while using other computers
The internet browsers of today are too efficient now. They offer to remember all your passwords whether you want them to or not. Even if you click no, on the log in page, there is still the other check box to remember the computer that you logged into. If you check it as yes, then the next time you won’t need the two step verification to access your account; your password would suffice. Never check this box unless it’s your personal computer or phone.
Review your Recovery Information
If you are locked out of your account or if someone has hacked your account and changed your password, then you can use your recovery information to get your account back (provided that the hacker hasn’t changed that too). Review your recovery information which includes recovery email, recovery phone and a secret question.
Set-up Security Alerts
By setting up security alerts, you would know when a hacker has tried to access your account or when you change your recovery information. You have the option to be notified through email or a text message. In the unfortunate event that a hacker tries to access your account, recover your account as soon as you get the alert.
Review recently used devices
Do monitor your account regularly and the related activities. Review the recently used devices for red flags – any devices that you haven’t used. It might be that someone is exploiting your account and using it for unknown activities.