In a startling turn of events, an online forum based in Russia has dumped a huge list of about 5 million Google accounts along with their login credentials. While the person responsible for publishing this massive list is claiming that 60% of the username and password combinations are working, Google has categorically denied the passwords to be valid and that the list is not accurate. Google has made it public that only about 2% of the password might be valid and there are usual security measures to safeguard such Google accounts. Google as well as security researchers agree that this is not a result of some security breach of Google servers but the credentials were collected through malware infection, phishing and data theft.
There are many online security sites which are making it very easy to check your Google account against the list of username and passwords dumped online. The best of them is the KnowEm LLC online alert service. You can visit the KnowEm LLC website at http://securityalert.knowem.com/ and enter your GMail address to find out if it is included in the list of “hacked” accounts.
If your email address is found, it will inform you with that your email address might be included in the hacked accounts list. In this case, it is a good idea to immediately change your password and password recovery options. While selecting a new password, you can create a very strong password using the free Norton Password Generator. It is also suggested that you start using the two-step verification in Google to thwart any hacking attempts in future.
But if your email address is not included in the list, then you would see a relieving message saying – “Everything looks OK”. Even though your GMail account is not included in the list of “hacked” accounts, you should still have a second look at all your password recovery information, use the two-step verification and keep changing the password regularly.
Since Google does not report the data breach from their servers, the most possible reason of the account credentials to be leaked or hacked is the malware infection or phishing. To prevent phishing and to keep your system malware free, you should install a good antivirus solution on your PC or mobile devices. There are many good antivirus solutions like Avira and avast! are available for free.
You can see more information about securing your Google account at http://googleonlinesecurity.blogspot.de/2014/09/cleaning-up-after-password-dumps.html.