Picture: Google Images
A list of 5 million Gmail addresses and passwords appeared on a Russian Bitcoin forum Wednesday.
It is still unclear how anyone obtained the vast collection of usernames and passwords. Google says its servers were not breached. The list appears to be a collection of passwords exposed in previous hacks — likely on users’ own computers, not Google’s systems.
“We have no evidence that our systems have been compromised,” said Google spokeswoman Caroline Matthews.
In fact, there’s no telling yet whether the list is even authentic, the company said.
However, Google is warning affected users to take steps to further protect their Gmail accounts, such as creating a stronger password and using an extra security feature called two-step authentication.
Though the forum manager has already removed the file containing exactly 4,930,000 emails and passwords, it has led to somewhat of a digital panic as people work to learn if they have been affected.
Someone has created the websites for users to match their email address against the list to see if they were affected:
We would say that its not just Gmail but it's your non-Gmail accounts that one should worry about now, since Google as one user ID and Password which works across all Google products.
Google has published a blog post reiterating these points. Also the company has rolled out a new feature called Account Checkup, which you can use to quickly make sure no one suspicious has logged into your account lately. It will also prompt you to update your password recovery information and check what other apps you’ve given access to your account.