Google confirmed that many of the passwords that were leaked were taken from websites other than Google, and that there is no evidence of Google systems themselves being compromised. Users are advised to avoid website that claim to check whether a specific name has been compromised. Instead, you can download a list of affected usernames in a text file here, and search for specific usernames. (Be forewarned: It’s a big file, and could take your computer a while to open.)
Of course, this is a good time to remind Google users to use good online safety practices:
- Turn on two-step authentication.
- Change your password often.
- Do not use the same password for multiple sites.
Additionally, since many of these passwords could have been obtained through phishing schemes, remember to always make sure you at the correct website before putting in any sensitive information.
[IB Times]