Nearly 5 Million Gmail Passwords Dumped to the Internet

Over 4.9 million Gmail user names and passwords were posted on a Russian Bitcoin forum earlier this week, posing a potential security headache for a lot of people. Google said there wasn't any data breach, which means the logins were likely culled from other sites.

Gmail user names and passwords exposed on Russian forumGmail user names and passwords exposed on Russian forum

A Google spokesperson said,

We have no evidence that our systems have been compromised, but whenever we become aware that an account has been compromised, we take steps to help our users secure their accounts.

Many of the user names and passwords appear to be out of date, leaving about 60 percent of the list as a potentially ripe source for stealing login credentials, according to PCWorld. The information on the list could be as much as three years old.

Forum moderators have deleted the passwords from the post, although they did leave the names intact.

Since about 3 million entries on the list may be legit user names and passwords, the number of potentially compromised accounts is relatively small compared to the total number of Gmail users. Despite the low percentage, however, this is still a good reminder that periodically changing your password is a good idea, as is enabling Google's two-factor authentication.