An allegedly leaked database containing 4,929,090 Gmail email addresses and related passwords was dumped on a Russian Bitcoin security forum.
On September 9, user tvskit of the Russian Bitcoin security forum BTCSec.com first reported the dump of a 28.7 MB file containing more than 4.92 million Gmail accounts and passwords, as well as several thousand credentials from Russia's largest email service, Yandex. According to the user, 60% of these credentials are valid. Since then, a forum administrator has purged the passwords from it.
A study showed that the compromised accounts mostly belonged to Russian, English and Spanish-speaking users of the Google email service, reported Russian media outlet CNews.
Gmail credentials not only give access to the email account; they also give access to other Google services such as the cloud document storage service Google Drive and the social network G+.
Google Russia representative Svetlana Anurova said the company is investigating the alleged leak and advises users to "select strong passwords and be sure to use two-step authentication," reported CNews. She added that Google is constantly developing new levels of security to protect users, and is encrypting traffic between its data centers.
Media outlet The Next Web contacted Google regarding the issue. The company stated that it believed this incident was not the result of a security breach on its end. A Google spokesperson told the press:
"The security of our users’ information is a top priority for us. [...] We have no evidence that our systems have been compromised, but whenever we become aware that accounts may have been, we take steps to help those users secure their accounts."
Further investigation concluded that the dump combined older lists accumulated over a period of time, which could indicate the hack of a website unrelated to Google.
Gmail users are advised to avoid entering their username and password into any website claiming to check whether their credentials have been compromised. This method, known as the 'honeypot', aims to steal even more identities, and many websites have already started distributing phishing messages. The Russian website isleaked.com claims to help people check whether their accounts have been compromised, and is already being accused of being run by the very people who leaked the database, as its domain name was registered on September 8.
Russian and Eastern European hackers have been suspected in many recent security lapses, including the Target operation, which resulted in the compromise of tens of millions of customers' identities.
The Google credentials dump comes a few days after 4.6 million Mail.ru and 1.25 million Yandex email accounts were compromised and dumped on the very same Bitcoin security forum.
The two Russian companies stated that most of these accounts were inactive and had been collected over a period of time via phishing and Trojan viruses. Like Google, they said their internal security systems had not been compromised.