“Some of your saved passwords were found in a data breach…” With data breaches and leaks increasingly common, Google users have reported receiving notifications regarding potential data breaches and the need to change their passwords. This has led to concern and confusion, with many questioning the legitimacy of these alerts. These Google alerts are indeed authentic — but there are fake ones, too, and it’s important to be able to tell the difference.

Google’s Security Measures

One of Google’s key features is the Password Checkup tool, integrated into the Google Chrome browser and Google Account settings. This tool continuously monitors various databases of known breaches to check if users’ credentials have been compromised. When Google detects that a user’s email address and password combination has been exposed in a data breach, it sends a notification advising the user to change their password.

In the screenshot above, you can see a legitimate security notification from Google. If you receive this, you should follow the instructions. The text will be the same:

“Some of your saved passwords were found in a data breach from a site or app that you use. Your google account is not affected. To secure your accounts, Google Password Manager recommends changing your passwords now.”

How to Identify Legitimate Google Notifications

Legitimate Google notifications regarding data breaches and password changes have specific characteristics:

• Source of the notification: Genuine alerts will come directly from Google. Users can verify the sender’s email address, ensuring it is from no-reply@accounts.google.com. Notifications within the Google Account settings or the Chrome browser are also credible.
• Direct links to secure sites: Google’s notifications will typically provide links that direct users to secure pages within their Google Account settings. Users should ensure these URLs begin with “https://myaccount.google.com/” to avoid phishing attempts.

Steps to Take If You Receive a Notification

If you receive a notification from Google about a potential data breach, follow these steps to secure your account:

• Do not ignore the notification: Even if you are unsure about its legitimacy, it’s better to err on the side of caution.
• Log in to your Google account directly: Instead of clicking on any links within the notification, manually type “myaccount.google.com” into your browser to access your account settings safely.
• Change your password: Update your password to a new, strong, and unique one. Avoid reusing passwords across multiple sites.
• Enable two-factor authentication (2FA): Adding an extra layer of security can help protect your account even if your password is compromised in the future.

Protecting Your Identity and Personal Info

Compromised personal data can have serious consequences, including identity theft, financial fraud, and job losses. We would encourage readers to head over to our new ID Protection portal, which has been designed to meet these challenges.

With ID Protection, you can:

1. to see if your data (email, number, password, credit card) has been exposed in a leak, or is up for grabs on the dark web;
2. your social media accounts with our Social Media Account Monitoring tool, with which you’ll receive a personalized report;
3. the strongest tough-to-hack password suggestions from our advanced AI (they’ll be safely stored in your Vault);
4. a safer browsing experience, as Trend Micro checks websites and prevents trackers.
5. comprehensive remediation and insurance services, with 24/7 support.

Why not give it a go today? As always, we hope this article has been an interesting and/or useful read. If so, please do SHARE it with family and friends to help keep the online community secure and informed — and consider leaving a like or comment below. Here’s to a secure 2024!