Several tech blogs on Wednesday reported that hackers have leaked some 5 million stolen Gmail passwords to a Russian forum. They were part right. The hackers have leaked some 5 million stolen passwords to a Russian forum, each with an associated Gmail address. The reason it isn’t quite true though is that the passwords could be passwords for anything, and most aren’t current.
For example, in theory, some could be passwords stolen from a service like LinkedIn or eHarmony in a notable hack two years ago—passwords are linked to people’s Gmail addresses, but not necessarily the same ones those people actually used to log in to Gmail. Although how many of us use the same password for everything?
Google have been kind enough to go through this list and its findings were that only 1 to 2 percent worked for the service. They then proceeded to secure the affected accounts and prompting those affected to change their passwords. Google have denied that their own systems were breached in anyway, take from that what you will but they got the passwords from somewhere.
Google has also just published a blog post reiterating these points. If Google is right, then virtually no one’s Gmail account should be vulnerable at this point. Still, the company has rolled out a new feature called Account Checkup, which you can use to quickly make sure no one suspicious has logged into your account lately.
The best steps you could take in response, are the same basic steps we always recommends you take when it comes to computer security:
Make sure your passwords are strong.
Make sure you’re using a different one for every important site it’s a pain but it works.
Finally for the important account like your online banking, or that cloud storage you keep those selfies on, change it regularly.