A new alert has been issued to all Gmail users and and it might be a very good time to check and tighten the security of accounts. Google has just released some very useful advice following reports that millions of passwords were compromised in a massive data breach. Although it has since been confirmed that it was not a targeted attack on Gmail, it doesn’t mean anyone should let their guard down.

In fact, Google says that Gmail users concerned about their accounts should consider adding “2-step verification” and think about “resetting passwords” without delay.

So, how do you know if your account is vulnerable?

Initial news of a Gmail breach began surfacing after Troy Hunt, creator of the Have I Been Pwned website, released an update about ongoing cyber hacks. This free service allows users to check if their accounts have been compromised and determine if an update is necessary to stay safe.

The latest news from Have I Been Pwned suggests that over 180 million passwords have now been leaked online. It’s a vast number and is clearly concerning.

However, Gmail itself hasn’t been breached, but because of its huge popularity, a vast number of accounts that have Gmail addresses attached to them are part of the latest leak.

To stay safe, the first thing to do is visit Have I Been Pwned and enter your email address. You’ll then be shown how many breaches the account has been exposed in. If you see a red flag, then it’s time to make some changes and follow Google’s latest advice.

Explaining more about the recent reports and the confusion that followed, Google said in a post on X.

“Gmail security breach impacting millions of users” are false. Gmail’s defenses are strong, and users remain protected.

“The inaccurate reports are stemming from a misunderstanding of infostealer databases, which routinely compile various credential theft activity occurring across the web.

“It’s not reflective of a new attack aimed at any one person, tool, or platform.

“Users can protect themselves from credential theft by turning on 2-step verification and adopting passkeys as a stronger and safer alternative to passwords, and resetting passwords when they are found in large batches like this.”