5 MILLION GMAIL CREDENTIALS LEAKED ONLINE
The news broke when a user posted a link to the log-in credentials on Reddit frequented by hackers, professional and aspiring. But the archive file containing nearly 5 million Gmail addresses and plain text passwords was posted on Russian Bitcoin security forum known as btcsec.com on Tuesday night by a user with the online alias “tvskit”, according to C News, a Russian news outlet.
The user who exposed Gmail users’ credentials said that almost 4.93 million accounts allegedly affected belong to English, Russian and Spanish users and claimed that over 60 percent of accounts are active.
This means, there is a silver lining in this leak, i.e., 40 percent of the passwords are invalid or out of date, which could be a good news for those Gmail users who have recently changed their passwords and are concerned about their account’s security – there’s a chance that they’re not at risk at all.
"We can't confirm that it is indeed as much as 60 percent, but a great amount of the leaked data is legitimate," said Peter Kruse, the chief technology officer of CSIS Security Group.
"It’s important to note that in this case and in others, the leaked usernames and passwords were not the result of a breach of Google systems," Google, which operates Gmail email service, explained in a post on its online security blog. "Often, these credentials are obtained through a combination of other sources."
"We found that less than 2% of the username and password combinations might have worked, and our automated anti-hijacking systems would have blocked many of those login attempts. We've protected the affected accounts and have required those users to reset their passwords."
The leaked passwords not only give access to users’ Gmail accounts, but other Google services as well, including Google Drive, and the mobile payment system Google Wallet.
For Online Account Take Note : " DO NOT TRUST ANYONE " over your dead booty.
This include: Online Games, Email , PayPal ,Social Network Account etc..
The user who exposed Gmail users’ credentials said that almost 4.93 million accounts allegedly affected belong to English, Russian and Spanish users and claimed that over 60 percent of accounts are active.
This means, there is a silver lining in this leak, i.e., 40 percent of the passwords are invalid or out of date, which could be a good news for those Gmail users who have recently changed their passwords and are concerned about their account’s security – there’s a chance that they’re not at risk at all.
"We can't confirm that it is indeed as much as 60 percent, but a great amount of the leaked data is legitimate," said Peter Kruse, the chief technology officer of CSIS Security Group.
GOOGLE SAYS NO SECURITY BREACH
Google, on its part, believes that the usernames and passwords didn’t come from a security breach of its system. That means, the credentials had been stolen by phishing campaigns and unauthorized access to user accounts."It’s important to note that in this case and in others, the leaked usernames and passwords were not the result of a breach of Google systems," Google, which operates Gmail email service, explained in a post on its online security blog. "Often, these credentials are obtained through a combination of other sources."
"We found that less than 2% of the username and password combinations might have worked, and our automated anti-hijacking systems would have blocked many of those login attempts. We've protected the affected accounts and have required those users to reset their passwords."
The leaked passwords not only give access to users’ Gmail accounts, but other Google services as well, including Google Drive, and the mobile payment system Google Wallet.
CHECK IF YOU ARE AFFECTED
A website called isleaked.com allows users to check if their email address is among those leaked. People who are concerned about the security of their account are advised to go ahead and change their password.
Get notified when it looks like someone else is trying to access your
account. Use your phone as an extra layer of security to keep other people from logging into your account. Even if anyone knows your
email/user and password they cannot continue to login, this is what a Extra Layer Security for Anti Thief or Anti-Hack.For Online Account Take Note : " DO NOT TRUST ANYONE " over your dead booty.
This include: Online Games, Email , PayPal ,Social Network Account etc..
No comments
Post a Comment