Google: No Breach In Latest Online Dump Of Credentials

  /     /     /  
Publicated : 22/11/2024   Category : security


Google: No Breach In Latest Online Dump Of Credentials


The online leak of some 5 million username and password combinations consisted of mostly stale or older credentials that dont actually work, Google says.



Speculation was high yesterday in the wake of
a Russian news outlets report
that some 5 million Google usernames and passwords had been doxed or dumped online for all to see.
Google set the record straight late yesterday that no breach of Google systems had occurred and most of the dumped credentials were stale: less than 2% of the credentials actually work. The search engine giant says its automated anti-hijacking systems would have blocked any attempts to use any working stolen credentials.
One of the unfortunate realities of the Internet today is a phenomenon known in security circles as credential dumps -- the posting of lists of usernames and passwords on the web. We’re always monitoring for these dumps so we can respond quickly to protect our users, Google said
in a blog post
.
Google reiterated what most security experts already had inferred: that the stolen usernames and passwords were not the result of a Google breach, but instead due to everything from credential reuse on the web to possible malware and phishing attacks.
For instance, if you reuse the same username and password across websites, and one of those websites gets hacked, your credentials could be used to log into the others. Or attackers can use malware or phishing schemes to capture login credentials, Google said.
Google recommends users adopt its two-factor authentication option, as well as create a strong and unique password.  
Said David Hobbs, director of security solutions at Radware, businesses and consumers should now expect their personal information to be leaked at some point. Users need to keep in mind that the best defense is a good offense -- minimize your vulnerability by thinking twice about what data is placed in the cloud, Hobbs says. Also, the standard best practices hold true: stop using the same passwords across multiple online services, and create a rotation plan for regularly changing passwords.

Last News

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security

▸ Criminal Possession of Government-Grade Stealth Malware ◂
Discovered: 23/12/2024
Category: security

▸ Senate wants changes to cybercrime law. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Google: No Breach In Latest Online Dump Of Credentials