Another day, another security breach. In the latest reminder that nothing, NOTHING, is really that secure on the Interwebs, 5 million Google email addresses, usernames and passwords have been leaked to the outside world, via a Russian Bitcoin forum.
The leaked list is now off-line, and many of the passwords leaked have been collected over the past few years, so if you have updated your Google log-in details very recently then you are probably OK. If you haven’t updated your password in years, then now might be the time to a) do that as well as enable the two-step authentication feature, and b) check this site to see whether your Google account is open to being compromised (warning: that site is crashing all over the place at the moment so be patient).
Alternatively, just change your password immediately – which is a much better solution than entering you email details into another site, right?
The information was posted to btcsec.com by a user who claimed that at least 60% of the account details were still active and valid. Although the original post has been remove, the details were quickly copied and uploaded to other sites across the web. As well as Google data, the list contains information relating to Yandex, Russia’s largest search engine.
Google issued a statement about the breach, confirming that there was “no evidence” that its systems had been compromised, although the company did not deny that the leaked passwords were genuine. A Google spokesperson said:
The security of our users is of paramount importance to us. We have no evidence that our systems have been compromised, but whenever we become aware that an account has been compromised, we take steps to help our users secure their accounts.