A list containing as many as 5 million usernames and passwords from Google's Gmail users has been leaked online by Russian hackers.
The account details have been posted online on a Bitcoin security forum called btcsec.com, by a user. He has claimed that over 60 percent of credentials found inside are valid.
However, Google while acknowledging the leak in a blog post, said that its servers would have blocked suspicious log-in attempts. It further said that only 2% of the password and username combos would work.
Google said: "Often, these credentials are obtained through a combination of other sources. For instance, if you reuse the same username and password across websites, and one of those websites gets hacked, your credentials could be used to log into the others. Or attackers can use malware or phishing schemes to capture login credentials."
It may also be possibel that many of the leaked passwords do not correspond to Gmail or Google accounts, but to accounts on other sites where users have used their Gmail addresses as the user name.
If you want to check whether your password was one that has been leaked, you can visit www.isleaked.com and input your email address there. You may also like to change all your passwords.
I would also recommended enabling 2-step verification for Gmail.
Click here to check if your email id was leaked.
