Nearly 5 Million Google Account Passwords Reportedly Leaked

Nearly 5 Million Google Account Passwords Reportedly Leaked
Advertisement
A stash of roughly 5 million usernames and passwords of Google accounts (including Gmail, Google+) was reported to have been found on a Russian forum for Bitcoin security on Wednesday, before being removed. The leak is said to follow similar ones for Mail.ru and Yandex, the Russian email and search giants respectively.

CNews reports (via Daily Dot) Google representatives responded to local media saying most of the username and password combinations were either old or matched suspended accounts.

Google recommends users change their passwords, and also enable 2-step verification to ensure no misuse. The Google account credentials stash was posted on btsec.com by user tvskit, who claimed 60 percent of the passwords were still valid.

The same Bitcoin security forum has been the host of the Mail.ru and Yandex username and password leaks over the past few days, published in the form of text files, just like with the Google leak. The three leaks are said to contain credentials of English, Russian and Spanish-speaking users.

Notably, Google and Yandex say there is no evidence of a recent hack on their own systems, and that the credentials appear to have been collected over years through phishing and hacking attacks.

Mail.ru reportedly saw 4.66 million username and password combinations leaked on Tuesday, and Yandex 1.26 million on Monday. Apart from changing their passwords, users can also check if their Google, Mail.ru, and Yandex passwords are among those leaked, with the help of a search tool. Note, the tool may be temporarily inaccessible due to high traffic.

Update: Google has responded with a written statement on its Online Security blog, saying, "We found that less than 2 percent of the username and password combinations might have worked, and our automated anti-hijacking systems would have blocked many of those login attempts. We've protected the affected accounts and have required those users to reset their passwords."

Apart from reiterating that the leak was not the result of a breach of its systems, the company had prefaced the blog post saying, "One of the unfortunate realities of the Internet today is a phenomenon known in security circles as 'credential dumps' - the posting of lists of usernames and passwords on the web. We're always monitoring for these dumps so we can respond quickly to protect our users. This week, we identified several lists claiming to contain Google and other Internet providers' credentials."

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Intel's New Reference Design Comes With Promise of Android Updates Within 2 Weeks
Release of iPhone 6 Delayed in China
Share on Facebook Gadgets360 Twitter Share Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Follow Us

Advertisement

© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »