Earlier today, Daily Dot reported that nearly 5 million Gmail usernames and passwords have been hacked and posted on a Russian Bitcoin forum. The unknown hacker posted a screenshot of the database on the forum Tuesday evening, revealing some of the stolen usernames and passwords.
As of earlier today, the list has been taken down from the website. Google representatives reported that the attack was not a compromise of their systems, and that the credentials were stolen over a few years by phishing (posing as a legitimate company to try to obtain users’ information, usually via e-mail) and hacking individuals’ accounts.
Many users are finding that the leaked information is outdated, but the publisher claimed that over 60% of the stolen usernames and passwords are still working. For this reason, Google and the University Information Security Office advises users to change their Gmail password, and enable two-factor authentication on their account. As usual, you should create a strong password, which should contain over 8 characters (the longer the better), lower and uppercase characters, and numbers and/or symbols.
If you have any questions, feel free to contact the Help Desk via email at firstname.lastname@example.org or via phone at (773)508-4444.