Recently, a text file containing Gmail, Yandex.ru and Mail.ru usernames and passwords was posted on a Russian cryptocurrency discussion forum. It contains a database of 5 million Gmail accounts, and it is reported that over 60% of the account details are valid and accessible.
The tech giant Google is aware of the password leak and stated that there was no security breach or evidence that its servers were compromised. It appears that these accounts were obtained through phishing (users who entered their Google account details on fake sites).
How to check if my account has been compromised?
- You can check account login activity from your Google account; it shows the IP address and last login locations. https://security.google.com/settings/security/activity?pli=1
- There is a tool called isLeaked that lets you check whether your email address is compromised.
- If you feel uneasy entering your email on that website, you can download a compressed text file from the file-sharing service Mega. For security reasons, this list contains only email addresses.
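One way to do the offline check from the last bullet without giving your address to any website, as an added example that is not part of the original post. It assumes the downloaded list has been extracted to a plain text file with one address per line; the function names and the Gmail dot and "+tag" normalization are additions made here.

```python
import os
import tempfile

GMAIL_DOMAINS = {"gmail.com", "googlemail.com"}

def normalize(address):
    """Return a canonical form of an email address, or None if it is not one."""
    local, sep, domain = address.strip().lower().rpartition("@")
    if sep and domain in GMAIL_DOMAINS:
        # Gmail ignores dots and anything after "+" in the local part.
        local = local.split("+", 1)[0].replace(".", "")
        domain = "gmail.com"
    if not sep or not local or not domain:
        return None
    return f"{local}@{domain}"

def find_in_dump(path, my_addresses):
    """Stream the list at `path` and return which of my_addresses appear in it."""
    wanted = {}
    for addr in my_addresses:
        key = normalize(addr)
        if key:
            wanted[key] = addr
    found = set()
    # errors="replace": such lists often contain stray non-UTF-8 bytes.
    with open(path, encoding="utf-8", errors="replace") as dump:
        for line in dump:
            # Keep only the first field in case a line is "address:something".
            field = line.strip().split(":", 1)[0].split(";", 1)[0]
            key = normalize(field)
            if key in wanted:
                found.add(wanted[key])
    return found

def demo():
    # Constructed sample lines, not taken from the real list.
    sample = "Alice.Example@gmail.com\nbob@yandex.ru\nnot an address\ncarol@mail.ru:x\n"
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as tmp:
        tmp.write(sample)
    try:
        mine = ["aliceexample+shop@gmail.com", "dave@mail.ru", "carol@mail.ru"]
        return find_in_dump(tmp.name, mine)
    finally:
        os.remove(tmp.name)

if __name__ == "__main__":
    print(sorted(demo()))
```

To use it on the real file, call `find_in_dump` with the path of the extracted list and every address you own, including old aliases.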
How can I make my account safe?
First and foremost, if you find your account in the compromised list, change your account password immediately. Also, enable 2-step authentication from your Google account settings to make it more secure. If you don’t know what 2-step authentication is and how it works, refer to this page: https://www.google.com/landing/2step/#tab=how-it-protects
Some points worth noticing:
- Users are reporting that these Gmail password dumps are about 5 years old and potentially out of date.
- Most of the compromised users are those who used cryptocurrency (bitcoin).
- No security breach or hacking attempt is reported by Google.
- A file containing usernames along with passwords is still out on the internet.
- It is recommended to change your passwords even if your email ID is not present in the text file.