Five million Gmail account names and passwords were posted on a Bitcoin security forum page dubbed btcsec.com, according to PCWorld.
The data was analyzed by security experts, and they found that a significant amount of it is accurate. The leaker(s) claim that more than 60 percent of the leaked data is current.
Related: How to pick strong passwords
“We can’t confirm that it is indeed as much as 60 percent, but a great amount of the leaked data is legitimate,” CSIS Security Group CTO Peter Kruse said. CSIS is an Internet security firm based in Denmark.
The thieves pulled the data from other sites where users use their Gmail addresses as account names in order to log into other services. Researchers at CSIS found that the data that was leaked is as much as three years old.
It’s also worth noting that Google’s servers weren’t shaken down for this information. Not all of the passwords match up with Gmail accounts.
“We believe the data doesn’t originate from Google directly,” Kruse said when speaking with PCWorld. “Instead it’s likely it comes from various sources that have been compromised.”
Even so, it couldn’t hurt to change your Gmail password. Yes, this might be annoying, but if you’re concerned about cyber security (and lets face it, you should be), then at least give yourself some peace of mind by making the switch.
Toward that end, feel free to check out these six tips on how to make your password more secure.
Also, as PCWorld notes, isleaked.com can tell you if your email address got exposed due to this leak. All you have to do is enter your address in the field located in the middle of the page, and hit the blue button labeled “Check it!”
The site has been slow to load for us, so just be patient if you decide to use it. This could be due to overwhelming numbers of traffic sparked by concerns surrounding this leak.