{"id":16904,"date":"2014-09-10T14:00:53","date_gmt":"2014-09-10T20:00:53","guid":{"rendered":"https://www.webroot.com/blog/?p=16904"},"modified":"2018-10-05T14:17:41","modified_gmt":"2018-10-05T20:17:41","slug":"5-million-gmail-accounts-breached-one","status":"publish","type":"post","link":"https://www.webroot.com/blog/2014\/09\/10\/5-million-gmail-accounts-breached-one\/","title":{"rendered":"5 million GMail accounts breached, and I was one of them"},"content":{"rendered":"

There is a bit of irony in this blog post, if you will. \u00a0Over my time at Webroot, I have become a major advocate and vocal evangelist of digital security, from talking about major level breaches to sharing my experiences with dating-website scams. \u00a0My work has focused around the education of those who will listen and read my work on the value of keeping one’s self safe at home, work, and while traveling. \u00a0Like many others, I never thought (often quite ignorantly) that my information could get out there in a breach. And if it did, I was sure I would be still protected.<\/p>\n

This morning, we found out that there was a breach of over 5 million Gmail accounts, all hosted in a plain text file on Russian hacker forums. \u00a0Naturally, we wanted to see what the data was like, and there it was, plain as day for everyone to see. \u00a0We started to look up our various accounts, and out of my whole team, I was the only one to appear. \u00a0Right in front of me, on a list with 5 million other people, was my information. \u00a0My heart sank a little, followed by the sort of nervous laugh I get at times all while I played through the major steps I had taken to protect myself prior, and what I needed to go change. \u00a0Luckily, at the beginning of the year, I did my own security update and implemented two-factor authentication across all my major accounts, changed my standard passwords, and updated my security settings. \u00a0And while we have covered these tips in the past (along with Tyler Moffitt’s security tips), there is no reason we shouldn’t all go back and just do a quick audit to make sure. \u00a0In this case, there are two major steps I took to ensure my security online with this breach; changing my passwords and making certain that I have two-factor authentication turned on.<\/p>\n

Change your passwords:<\/strong> \u00a0Every three months is the average for a company for changing of passwords, often not allowing you to repeat for at least 10 passwords. \u00a0This may be an annoyance, but with breaches like this occurring on a daily basis, it’s a necessary step that you should be following at home as well. \u00a0It’s no longer simply about someone figuring your password out, but rather the idea that any level of breach can grab your standard password and e-mail address, and attempt it across multiple channels until success is found. \u00a0Changing your password removes this ability. \u00a0Need help figuring out a new password you can remember? \u00a0Take your standard password and move one key left or right for each letter. \u00a0The keystrokes will be similar and it will help product a difficult password. Remember, characters and numbers should be intermixed to increase the difficulty. \u00a0Reminding yourself with a calendar note to change all your passwords on the same day every three months. \u00a0I would also recommend looking into a password manager, such as the one included in\u00a0Webroot SecureAnywhere\u2122 Internet Security Complete<\/a> for home users, to help with the difficult passwords you now have to remember.<\/p>\n

Enable Two Factor Authentication:<\/strong> \u00a0I have talked about this before (and shared links), and I cannot stress enough the importance of this level of security. \u00a0With cell phones being at the ready in almost all aspects\u00a0of our daily lives, this is one of the most convenient and easy layers to implement. \u00a0By adding this layer, the service will authenticate any login attempt through an independent channel, allowing you to know if someone is attempting unauthorized access. \u00a0Below are links to the sites listed above for their steps on enabling this step.<\/p>\n