Home / Software & Gaming / Security / Five million Gmail passwords leaked online via phishing scam

Five million Gmail passwords leaked online via phishing scam

Earlier this week five million Gmail username and password combinations were posted on to a Russian forum site, 60 per cent of which were reportedly still active. It's bad but you don't necessarily need to panic as Google has stated that this was not the result of an attack on Gmail servers but rather, a widespread phishing scam.

It's not clear as to how the poster managed to obtain such a large quantity of user information but all data was stolen from individual users, rather than Google servers. The company has since protected all affected accounts, requiring users to change their passwords immediately. This means that you don't really need to worry, Google has you covered.


One of the unfortunate realities of the internet today is a phenomenon known in security circles as ‘credential dumps' — the posting of lists of usernames and passwords on the web,” Google said in on online security blog post.

” It’s important to note that in this case and in others, the leaked usernames and passwords were not the result of a breach of Google systems. Often, these credentials are obtained through a combination of other sources.”

The blog post then goes on to explain that Google offers several security measures to keep accounts secure, even if user information is somehow obtained: “We’re constantly working to keep your accounts secure from phishing, malware and spam. For instance, if we see unusual account activity, we’ll stop sign-in attempts from unfamiliar locations and devices.”

Discuss on our Facebook page, HERE.

KitGuru Says: Google's tends to do a pretty good job of protecting its users, it blocks login attempts from unfamiliar devices and IP addresses automatically and is often quick to rectify the situation when user security is involved. Do many of you guys use Gmail? What do you think of Google's security measures? 

Source: Google, btcsec

Become a Patron!

Check Also

Sony investigating claims of major security breach

This week, a ransomware group claimed to have breached "all of Sony's systems", putting the stolen data up for sale on the dark web. Sony has yet to confirm that an attack has taken place but the company is now investigating.