Google is deleting some old Gmail and YouTube accounts. Here’s how to save yours
Seven months after Google warned people it would be mass-deleting inactive accounts, the company will begin pulling the trigger this Friday, December 1.
That’s going to mean Gmail, Google Chat, Google Drive and other services that haven’t been accessed in quite some time (24 months or longer, to be precise) are going to disappear—and the data they contain will be lost forever. For the most part, that’s not going to be an issue. Ghost accounts are often abandoned or were made for just a few uses.
But for some people, it’s a repository of their own history (or an archive of information that they take comfort in knowing was there). For others, it’s an account that was held by a loved one who has died—and a partial record of at least part of their lives.
The good news is, you’ve still got time to save those accounts, but you’ll have to act fast. Real fast.
Even better, it’s not a hard process—and won’t take a lot of time. Here’s all you have to do for Google to consider an account active.
That’s it. That’s all it takes! The bigger question for many people is: Do you remember the password for that account you haven’t checked for two years or more?
Note that the changes will only apply to personal Google accounts, not school, organization, or business ones. And the deletion isn’t going to be an all-at-once event. Google plans to take a phased approach to the account deletions and has been sending notifications to both the account address and recovery email, if one exists.
Why now?
Google’s deleting the inactive accounts because it says they represent a security threat. The longer an account goes unused, the more likely it is to be compromised, most likely without the account owner realizing.
That’s because those sorts of accounts tend to have older or reused passwords. And if your information was obtained by hackers in an attack on a business, there’s a decent chance they have that password.
This has already been a record year for data compromises. As of the end of September, corporations had reported 2,116 data compromises for the year, according to the Identity Theft Resource Center (ITRC). That’s already higher than the previous annual record of 1,862, set in 2021. And the fourth quarter got off to a rollicking start, with the high-profile hack of 23andMe, which could impact more than half of the company’s 14 million customers.
“Our internal analysis shows abandoned accounts are at least 10x less likely than active accounts to have 2-step-verification set up,” Google’s VP of product management, Ruth Kricheli wrote when the plan to delete unused accounts was announced. “Meaning, these accounts are often vulnerable, and once an account is compromised, it can be used for anything from identity theft to a vector for unwanted or even malicious content, like spam.”
This is one of the first major updates to Google’s inactive account policy in three years. In 2020, Google said it would wipe data that was stored in accounts that hadn’t been touched in two years but did not threaten to delete the accounts at that time.
Of particular note, Google will not allow people to reclaim the deleted addresses, since that may only make it easier for bad actors to send phishing emails and other malicious content.
(12)
