Attention: 5 million Gmail passwords leaked to Russian Bitcoin forum

The hackers are at it again. Read the full story here. If you want to find out if your account was affected, click here. Anyway, it is always a good idea to change your passwords periodically.

One comment Add yours
  1. Thanks for the heads' up.

    I did a bit more research on Google's site:
    http://googleonlinesecurity.blogspot.ca/2014/09/cleaning-up-after-password-dumps.html

    It's nothing new. It's a longer-than-usual list of emails and passwords, most over 3 years old. (I suspect they just combined several existing lists.) Many of the emails aren't even from gmail. They aren't gmail passwords, they're the passwords you used when you signed up to other sites, and gave them your gmail address. (I'm not surprised many are gmail. When I sign up to "www.great-conversations-trust-us.com", I use a gmail account.)

    If you use the same password on those sites as you do for other sites, then, yeah, you're in trouble. They now have the email and password for all those sites. If you use a different password for each site, then they can only get into the site they have the right combination for (which is likely the one that was hacked in the first place).

    A bigger concern is when a site asks for your gmail password so it can look at your address book. They'll delete the gmail password immediately, honest. Or they are using the method that gmail provides where they give gmail your address, then gmail asks for your password and permission, and just gives them the address book. That gmail screen is easy to fake well enough to fool most people.

Leave a Reply