Google dismisses Gmail compromise

Posted on Thursday, September 11 2014 @ 14:38 CEST by Thomas De Maesschalck

A large text file containing usernames and passwords of over 4.9 million Google accounts was leaked on Tuesday to Bitcoin Security, a Russian Bitcoin forum. After investigation, Google claims this list is likely a collection of credentials from different sources, and not the result of a breach in the company's account system.

The search giant claims fewer than 2 percent of the leaked username and password combinations might have worked and that Google's anti-hijacking systems would have blocked many of those login attemps. Google says it protected the affected accounts and have required those users to reset their passwords.

It’s important to note that in this case and in others, the leaked usernames and passwords were not the result of a breach of Google systems. Often, these credentials are obtained through a combination of other sources.

For instance, if you reuse the same username and password across websites, and one of those websites gets hacked, your credentials could be used to log into the others. Or attackers can use malware or phishing schemes to capture login credentials.

Source: ARS Technica

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments

Share this story!