This time, it’s 5,000,000 Gmail accounts that were compromised. Login information (email addresses/usernames and passwords) has been posted on a Russian security forum, which means those logins are no longer secure.
Several people have posted ways for you to see if your email address is among them. My favorite is a tool from Dashlane, where you enter your Gmail account and it tells you whether it’s in this batch of compromised accounts. One of the main reasons I choose this as a favorite is that I know Dashlane, and their business is to help you manage passwords securely. So I feel I can trust the tool.
Perhaps the people who should worry the most are those who use the same password for Gmail as they do for other accounts, because the leaked login would then work on those other accounts too.
Another way that you may be at risk is if somebody hacks into your Gmail account, then goes to your other accounts and does a password reset. That would send the new password to your Gmail account, where they can get it and then change the other account’s password and email of record. That would lock you out and give them the keys to the kingdom in your other account. So even if you don’t use the same password for multiple accounts, if your email address is one of the 5 million, you’re still at risk.
This is a good time for a reminder:
* Don’t use the same password for multiple accounts
* When possible, use 2-step verification on accounts that let you do it
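
The two risk paths described above (a reused password, and password resets that land in a compromised mailbox) can be checked against your own list of accounts. The script below is an added example, not part of the original post. The account names, the `pw_id` labels and the `exposed_accounts` function are hypothetical, and it goes one step further than the text by following reset emails through chained mailboxes.

```python
from collections import deque

# Constructed sample inventory (hypothetical names, not real accounts).
# pw_id labels which password an account uses; never store the password itself.
ACCOUNTS = {
    "me@gmail.example":  {"pw_id": "A", "reset_to": None, "two_step": False},
    "forum":             {"pw_id": "A", "reset_to": "old@mail.example", "two_step": False},
    "shop":              {"pw_id": "A", "reset_to": "work@corp.example", "two_step": True},
    "bank":              {"pw_id": "B", "reset_to": "me@gmail.example", "two_step": False},
    "old@mail.example":  {"pw_id": "C", "reset_to": "me@gmail.example", "two_step": False},
    "photos":            {"pw_id": "D", "reset_to": "old@mail.example", "two_step": False},
    "work@corp.example": {"pw_id": "E", "reset_to": None, "two_step": False},
}


def exposed_accounts(accounts, leaked):
    """Map each account an intruder could reach from `leaked` to the reason."""
    reasons = {}
    leaked_pw = accounts[leaked]["pw_id"]
    # Path 1: the leaked password works directly (the account itself, or reuse).
    # Assumption: 2-step verification stops a login that has only the password.
    for name, info in accounts.items():
        if info["pw_id"] == leaked_pw and not info["two_step"]:
            reasons[name] = "leaked" if name == leaked else "reuses leaked password"
    # Path 2: a reset email lands in a mailbox the intruder already controls.
    # Followed transitively; assumed (conservatively) to work despite 2-step.
    queue = deque(reasons)
    while queue:
        mailbox = queue.popleft()
        for name, info in accounts.items():
            if name not in reasons and info["reset_to"] == mailbox:
                reasons[name] = f"reset email goes to {mailbox}"
                queue.append(name)
    return reasons


if __name__ == "__main__":
    for name, why in exposed_accounts(ACCOUNTS, "me@gmail.example").items():
        print(f"{name}: {why}")
```

In the sample, turning on 2-step verification for the Gmail account removes every reset-based exposure, but the forum account that reuses the same password stays exposed.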