Approximately 4.93 million Gmail usernames and passwords were published to a Russian Bitcoin forum on Tuesday, as first reported by Russian website CNews. That’s the bad news. The good news is that this leak doesn’t seem as massive upon further inspection.
First off, we got in touch with Google regarding the issue. The company does not believe this is the result of any sort of security breach on its end.
“The security of our users’ information is a top priority for us,” a Google spokesperson told TNW. “We have no evidence that our systems have been compromised, but whenever we become aware that accounts may have been, we take steps to help those users secure their accounts.”
Next, since the posting, the forum administrators have purged the passwords from the text file in question, leaving only the logins. Furthermore, tvskit, the forum user who published the file, claimed that some 60 percent of the passwords were valid.
A quick analysis of the text file shows it includes mainly English, Spanish, and Russian accounts, but also that it seems to combine older lists accumulated over a longer period of time. There could thus be a link to hacks of sites unrelated to Gmail or any of Google’s services, especially if users are choosing the same usernames and passwords for other accounts, as well as phishing attacks.
Read the full story at The Next Web. Learn if your Gmail password was included in the leak here (though it’s probably safer just to change your password).
Comments
Log in or sign up to join the conversation.