In what appears to be an unknown attack, hackers have dumped over 5,000,000 valid gmail username and passwords on the Internet early Wednesday morning.
Unknown hackers have leaked over five million valid credentials pertaining to Google Mail logins early this morning. The random dump of passwords first appeared on reddit’s netsec section linking to the another website hosting the leaked gmail accounts.
The .txt file of all leaked gmail usernames was found on BitCoin security (forum in Russian), where the leak is believed to be first offloaded. The file of leaked emails does not contain any passwords or other sensitive information, only full gmail email addresses.
As the leak was posted only hours ago, Reddit users are warning each other not to enter any email username or password combinations into any websites “to check if your password is secure.” It appears scams are already appearing or Reddit users are getting ready for the scams to come.
Where the leaked emails originated from remains unknown, but many are speculating the email addresses were leaked from another website or a compilation of other websites and not from Google itself.
Others have stated this is the result of phishing attacks, malicious attacks, and the use of weak passwords. Just last week we saw Apple state celebrities nude photos were leaked due to weak passwords.
The exact number of email addresses leaked is 4,929,090 and a number of users online have already identified their accounts inside the leaked database. The accuracy of the leaked gmail database has not yet been verified, but has been reported that upwards of 60 percent of login credentials are valid and working.
It is highly recommended you change your gmail password regardless and turn on a form of two-factor authentication to heighten security and prevent any possible future attacks.
Many are urging others to switch to alternative secure email providers to prevent future attacks.