Another day, another internet security issue for you to think about. This time, it’s a massive file containing over five million email addresses with their associated passwords which have been leaked on a Russian Bitcoin forum and then disseminated through various means around the internet.
The leak itself wasn’t from Google’s Gmail servers and isn’t a breach of the company’s security measures, but in the case of those who have used the same email address and password combination for multiple websites you could be in trouble. That’s because, from what we can see, the Gmail email addresses and passwords are from other hacked websites and have just been matched up together in the hopes that users have doubled up on password usage.
Of course for those users who have already used additional security features like two-factor authentication, there is absolutely no danger posed by the leak even if you have reused passwords.
If you haven’t turned on two-factor authentication by the way, we have a helpful guide on setting it up for Gmail, Facebook and Hotmail.
For its part, Google has already confirmed that there was no breach of its servers and that of all of the passwords in the dumped file “less than 2% of the username and password combinations might have worked”. Google even goes on to say that its “automated anti-hijacking systems would have blocked many of those login attempts. We’ve (they’ve) protected the affected accounts and have required those users to reset their passwords.”
If you’re worried about your email address having been one of those affected by the leaked passwords can visit the ‘;–have i been pwned? website which allows you to search for your email address in a database of leaked username and password combinations to find out whether or not you need to be changing some of your passwords.[Via – The Telegraph, Image – Shutterstock]