In a bid to enhance cybersecurity and minimize potential risks, Google is set to purge inactive accounts that have not been accessed for at least two years starting this week.
Google introduced this policy in May, emphasizing its goal to mitigate security threats. Internal assessments revealed that dormant accounts are more susceptible to security issues, often employing outdated security measures like recycled passwords and lacking two-step verification. This makes them vulnerable to threats such as hacking, phishing, and spam.
Warnings have been issued to affected users since August, with repeated alerts sent to both impacted accounts and user-provided backup emails. The initial phase of the cleanup targets accounts that were created but never revisited by users.
The move is part of Google’s commitment to safeguard users’ private information and prevent unauthorized access, even for those no longer actively using their services, as outlined in an August policy update.
Google accounts encompass a range of services, including Gmail, Docs, Drive, and Photos. Consequently, all content within the Google suite of an inactive user is at risk of deletion.
Exceptions to the cleanup include accounts with active YouTube channels, those with remaining gift card balances, accounts used for purchasing digital items, and those with published apps on platforms like the Google Play store.
This decision represents a departure from Google’s previous policy in 2020, where user content was wiped from services they had ceased using, but the accounts remained active.
Oren Koren, CPO and Co-founder of cybersecurity firm Veriti, asserts that deleting old accounts is a crucial step in bolstering security. Old accounts are often perceived as low risk, creating opportunities for malicious actors. Deleting such accounts compels hackers to create new ones, now requiring phone number verification. Additionally, it eliminates older data that may have been compromised in a data breach.
Koren stated, “By proactively removing these accounts, Google effectively shrinks the attack surface available to cybercriminals,” highlighting a broader trend in cybersecurity: taking preemptive steps to fortify overall digital security landscapes.
To retain your account, a simple login to any Google service once every two years, along with activities such as reading an email, watching a video, or performing a single search, is sufficient.