After the Gmail Data Leak, How to Protect Your Privacy

The Algorithmic Watch

The cyberattack that has hit email giant Gmail, compromising as many as 183 million accounts and exposing both usernames and associated passwords, underscores the importance of constant digital security checks online.

The leaked data, now circulating online, includes not only the email addresses themselves but also the passwords believed to be linked to those accounts.

The breach could allow hackers to access not only Gmail accounts but also all the other services that depend on them, a serious threat because it could give cybercriminals entry to multiple online platforms.

Although the breach occurred in April, it was only recently flagged by Have I Been Pwned, a global database that monitors and reports data breaches.

According to Australian web security consultant Troy Hunt, who operates the site, the exposed information was part of a larger compilation of hacked data drawn from various sources across the internet.

How to keep safe in future

There are several ways to stay safe on the internet, especially when working with sensitive data. Some of them are listed below.

Advanced Two-Factor Authentication

Experts now deem SMS-based two-factor authentication insecure. They recommend authenticator apps or physical security keys instead. These tools prevent common account takeover attacks, safeguarding sensitive communications effectively.

Encrypting files and folders

You should encrypt sensitive files or entire folders. For instance, on Windows, right-click a file, go to Properties, then Advanced, and tick ‘Encrypt contents to secure data’.

On macOS, use Disk Utility to create an encrypted disk image: go to File, New Image, then Image from Folder, and enable encryption.

It is also important to encrypt the entire device.

Full-disk encryption keeps all files on your computer or phone safe if it is lost or stolen. Windows uses BitLocker, and for macOS, you can turn on FileVault.

Password Managers

Reusing passwords creates critical vulnerabilities across multiple accounts. A dedicated password manager generates and stores complex, unique credentials. This practice contains breaches to a single platform, security officials confirm.

Unusual Account Activity Messages

Google can send alerts for suspicious sign-in attempts. These warnings often detect logins from new devices or foreign locations. It is important to treat these notifications with high urgency and change your credentials.

End-to-End Encryption

Gmail’s standard encryption does not protect messages from Google itself. For true confidentiality, use dedicated services like ProtonMail or Signal. These platforms encrypt content before it leaves the sender’s device.

Official Verification Combats Sophisticated Phishing Attacks

Phishing emails now convincingly mimic trusted contacts and organisations. Always verify requests for sensitive data through a secondary communication channel. A separate phone call can confirm a message’s legitimacy.

Check for breaches

It is important to use Have I Been Pwned (https://haveibeenpwned.com) to check whether your credentials have been compromised. – IOW Data.
