New Delhi: A database containing about 4.93 million usernames and passwords of Google accounts was posted on a Russian Bitcoin security forum.
The user posting the data claimed that about 60% of the logins in the leak were active could be accessed successfully using the leaked credentials.
The same Google account password is used across all Google products like Gmail, Youtube, Hangouts, Drive and Maps.
Acknowledging the leak in a blog post, Google said it had found that "less than 2 per cent of the username and password combinations might have worked." It further said that Google's automated anti-hijacking systems would have blocked many of those login attempts.
"We have protected the affected accounts and have required those users to reset their passwords," it said.
Last week, nude images of celebrities were leaked from Apple's cloud service.
Google maintained that the leaked usernames and passwords were not the result of a breach of Google systems. "Often, these credentials are obtained through a combination of other sources," it said. Cautioning users, Google said they should ensure they use a strong password unique to Google and update recovery options, so that they can get the information on e-ail or phone in case they get locked out of their account.
"And consider 2-step verification, which adds an extra layer of security to your account," it said.
If you are concerned about whether your Google account/Gmail ID is part of the leaked cache, you can use this tool to verify. This search tool also gives an option to privacy-concerned users to partially mask their email IDs.
This incident follows close on the heels of reports that 4.6 million Mail.ru accounts and over 1.25 million Yandex email IDs were compromised.
Comments
0 comment