Millions of Gmail users are being advised to change their passwords after a database with usernames and passwords was hacked and exposed on an internet site.
Hackers revealed nearly 5 million Gmail account details and passwords on Bitcoin Security – a popular Russian website devoted to cryptocurrency.
The leak became known after a user posted a link to the log-in credentials on Reddit frequented by hackers, professional and aspiring.
But the text file was published on Bitcoin on Tuesday night by a user called tvskit according to C News, a Russian news outlet.
The person who leaked the details said the account holders were English, Russian, and Spanish and 60 percent of accounts were active.
The passwords not only give access to Gmail, but other Google services such as Drive and the mobile payment system Google Wallet.
Svetlana Anurova, a Google representative said Google is aware of the security breach and has advised users to change passwords.
They also advise users to enable a two-step verification, a security measure where users are required to provide a passcode sent to their mobile devices before any changes can be made to their account.
Account safety: Google advise users to enable a two-step verification, a security measure where users are required to provide a passcode sent to their mobile devices before any changes can be made to their account
A Google spokesman confirmed to The Next Web that many of the passwords in question were likely taken from a website other than Google.
‘The security of our users’ information is a top priority for us,’ the company told The Next Web.
‘We have no evidence that our systems have been compromised, but whenever we become aware that accounts may have been, we take steps to help those users secure their accounts.’
The hacker has not been found.
But hackers from Russia and Eastern Europe have been involved in a number of recent high-profile security lapses.
The Gmail leak comes soon after two other major security breaches leaked on the same Bitcoin forum, which targeted Russian email service prodiver Mail.ru and search engine Yandex.
Those two breaches affected nearly six million Internet users.