Home / Software & Gaming / Security / Five million Gmail passwords leaked online via phishing scam

Five million Gmail passwords leaked online via phishing scam

Earlier this week five million Gmail username and password combinations were posted on to a Russian forum site, 60 per cent of which were reportedly still active. It’s bad but you don’t necessarily need to panic as Google has stated that this was not the result of an attack on Gmail servers but rather, a widespread phishing scam.

It’s not clear as to how the poster managed to obtain such a large quantity of user information but all data was stolen from individual users, rather than Google servers. The company has since protected all affected accounts, requiring users to change their passwords immediately. This means that you don’t really need to worry, Google has you covered.

gmail-ios

One of the unfortunate realities of the internet today is a phenomenon known in security circles as ‘credential dumps’ — the posting of lists of usernames and passwords on the web,” Google said in on online security blog post.

” It’s important to note that in this case and in others, the leaked usernames and passwords were not the result of a breach of Google systems. Often, these credentials are obtained through a combination of other sources.”

The blog post then goes on to explain that Google offers several security measures to keep accounts secure, even if user information is somehow obtained: “We’re constantly working to keep your accounts secure from phishing, malware and spam. For instance, if we see unusual account activity, we’ll stop sign-in attempts from unfamiliar locations and devices.”

Discuss on our Facebook page, HERE.

KitGuru Says: Google’s tends to do a pretty good job of protecting its users, it blocks login attempts from unfamiliar devices and IP addresses automatically and is often quick to rectify the situation when user security is involved. Do many of you guys use Gmail? What do you think of Google’s security measures? 

Source: Google, btcsec

Become a Patron!

Check Also

Ransomware group ‘Egregor’ has reportedly stolen data from Ubisoft and Crytek

Egregor, a ransomware group, has apparently compromised the internal networks of both Ubisoft and Crytek, stealing …