5 million Gmail accounts hacked

charononus

Wanted to cross post this here just in case to help keep anyone's account safe, 5 million gmail accounts just had their passwords leaked.

https://www.yahoo.com/tech/russian-hackers-release-5-million-gmail-usernames-and-97147084299.html

Changing passwords if you use gmail may be in order.

crazymikee

google already works with the nsa, so its not like someone out there didnt already have access to gmail emails lol

fauust01

thanks just did.

ironzerg79

Most of the passwords are old, but if you haven't changed you password in the last few months, please do it.

Also, if you have the ability, consider setting up 2-factor authentication with you email. It's pretty easy, and it's another layer to help protect you, and possibly your gaming accounts associated with the email.

stevebobb

biggest suggestion is not to overreact to this, some good info here:

http://www.reddit.com/r/technology/comments/2fzrdt/5_million_gmail_usernames_and_passwords_leaked/

The gist is, other sites were hacked, they found users of the hacked site(s) that used their gmail email address for the account, they made the assumption that the users used the same password for the hacked site that they used for gmail (which some people do) and published this list.

I searched my gmail address on the "was I hacked" website suggested by the original poster's article, it "found" it, and even showed the first few letters of the password. It didn't match my gmail email address password. It did match a simple password I typically use for junk sites.

jonkoca

Cheers for the heads up.

vasdamas

My former contrymen <font color="orange">HAMSTER</font> up the internet again - . -

Luckily enough I was not "pwn'd"

Unknown

This content has been removed.

ellodrith

From Google on the issue:

One of the unfortunate realities of the Internet today is a phenomenon known in security circles as “credential dumps”—the posting of lists of usernames and passwords on the web. We’re always monitoring for these dumps so we can respond quickly to protect our users. This week, we identified several lists claiming to contain Google and other Internet providers’ credentials.

We found that less than 2% of the username and password combinations might have worked, and our automated anti-hijacking systems would have blocked many of those login attempts. We’ve protected the affected accounts and have required those users to reset their passwords.

more info: Cleaning up after password dumps

cheers
Ellodrith

baddiel

Meh, this happens from time-to-time, nothing you can really do about it. Changing your password probably doesn't make much of a difference to the security of any accounts. If they can get it once, they can get it again. I've had the same passwords for ages, years, across multiple accounts for various things and only been hacked once.

They're not what I would call "real" hackers anyway, most of these guys are just bored at home and with a little bit of know-how decided to be a pain in the backside. Professional hackers won't even bother with email accounts and the like. They tend to target large companies, banks and such. Or work for some form of internet security company, helping to develop software and methods to combat hacking.

So long as you have some form of up-to-date antivirus and activated firewall, you're pretty safe from getting anything that could seriously mess up your PC. And just don't go opening up any random emails, straight in the junk folder.

lewstelamon01

Already checked mine, no password reset necessary...

beckylunatic

Yeah, my mail is on the list, but the password is something I use somewhere else. It's not even close.

magiquepurse

beckylunatic wrote: »

Yeah, my mail is on the list, but the password is something I use somewhere else. It's not even close.

Same(ish). One of my emails on the list, yet the password is (I think...) one I used a few years ago lol.

Still changed it, thanks for posting this.