Gmail users have been advised to change their account passwords after account details were leaked online.
An unfortunate reality of the Internet is a phenomenon known in security circles as ‘credential dumps’ which is the leaking of usernames and passwords on the Internet. This week, we saw a whopping 5 million Gmail email addresses and passwords leaked on a Russian Bitcoin forum, this was a massive hack that has left people very sceptical about their online security.
Since the leak, Google have issued a statement claiming that less than 2% of the username and password combinations would have worked. They also said that their automated hi-jacking systems would have detected any suspicious behaviour and blocked many of the log-in attempts. Since the leak the lists have been taken down and there is absolutely no evidence to suggest that Gmail was hacked, it was just the passwords that had been leaked. It has been reported that the credential dump was not the result of a breach of Google systems. It’s thought that these credentials were obtained through a variety of other sources.
The username and password combinations not only give access to Gmail accounts, but they also allow access to other services such as Google Wallet and Google Drive. Google Russia is now investigating the credential dump and is advising all customers to use strong passwords and enable the two-step login notification to give their accounts extra security.
Hacking appears to have hit the headlines several times in the last few weeks and although they may appear harmless and most people don’t think they’re at risk, it’s important to take security seriously. Everyone knows they should use strong passwords, but that doesn’t mean they always do – we’ve all been guilty of just choosing some we can remember easily. As much as your users may not like it, we suggest enforcing password length requirements that have to be a minimum of eight characters with letters and numbers. They may not like it, but it will protect their information in the long run. Do you change your password at least every six month? If the answer to this question is no, it’s important you take the time to change your passwords regularly for extra security.