Hackers have obtained nearly 5 million Gmail usernames and passwords, posting them to a Russian bitcoin forum. English, Russian, and Spanish-speaking users appear to have been affected, and news of this latest security breach came originally from Reddit, where a user posted a link to the log-in credential. Apparently, over 60% of the accounts are still in use and could be accessed immediately.
Google confirmed that many of the passwords that were leaked were taken from websites other than Google, and that there is no evidence of Google systems themselves being compromised. Users are advised to avoid website that claim to check whether a specific name has been compromised. Instead, you can download a list of affected usernames in a text file here, and search for specific usernames. (Be forewarned: It’s a big file, and could take your computer a while to open.)
Of course, this is a good time to remind Google users to use good online safety practices:
- Turn on two-step authentication.
- Change your password often.
- Do not use the same password for multiple sites.
Additionally, since many of these passwords could have been obtained through phishing schemes, remember to always make sure you at the correct website before putting in any sensitive information.[IB Times]