A list of 5 million Gmail addresses and passwords appeared on a Russian Bitcoin forum Wednesday.
It is still unclear how anyone obtained the vast collection of usernames and passwords. Google says its servers were not breached. The list appears to be a collection of passwords exposed in previous hacks — likely on users’ own computers, not Google’s systems.
“We have no evidence that our systems have been compromised,” said Google spokeswoman Caroline Matthews.
In fact, there’s no telling yet whether the list is even authentic, the company said.
However, Google is warning affected users to take steps to further protect their Gmail accounts, such as creating a stronger password and using an extra security feature called two-step authentication.
Though the forum manager has already removed the file containing exactly 4,930,000 emails and passwords, it has led to somewhat of a digital panic as people work to learn if they have been affected.
Someone has created the websites for users to match their email address against the list to see if they were affected:
securityalert.knowem.com
isleaked.com/en.php
haveibeenpwned.com
We would say that its not just Gmail but it’s your non-Gmail accounts that one should worry about now, since Google as one user ID and Password which works across all Google products.
Google has published a blog post reiterating these points. Also the company has rolled out a new feature called Account Checkup, which you can use to quickly make sure no one suspicious has logged into your account lately. It will also prompt you to update your password recovery information and check what other apps you’ve given access to your account.
Reference:
http://fox8.com/2014/09/10/how-to-check-if-your-gmail-password-was-one-of-millions-leaked/
http://www.thewire.com/technology/2014/09/how-to-check-if-you-were-exposed-by-todays-5-million-password-leak/379960/
http://googleonlinesecurity.blogspot.ca/2014/09/cleaning-up-after-password-dumps.html
Special Corona Rescue Package
Everyone is looking to cut down expense. We have slashed down our prices to lowest.
Unlimited DDoS Attack Protection – No. of Attacks & Size of Attacks
More than a 100 Point of Presence (PoP) worldwide!
Strategic partnerships with industry-leading Anti-DDoS Vendors
Comprehensive knowledge on every vendor strengths & weaknesses
Fully managed service with pro-active approach
Flexible Contracts & Flat Pricing – no bandwidth overrage charges
Get started for Free – we protect first, negotiate later
Custom SSL, Periodic Pingdom Alerts, Free Consultation & a lot more