Millions of Gmail addresses have been posted onto a Russian website along with a set of passwords for the accounts.
The total number of Gmail addresses and passwords that were posted online approached the five million mark but there are serious doubts with whether the passwords are correct.
Security experts believe that the passwords are not correct and that they are either old ones that have been obtained through phishing attacks or that they are passwords that have been used on other sites in conjunction with Gmail addresses.
Reddit users have confirmed that they have found their Gmail addresses in the list but that the provided passwords have never been used in conjunction with their Gmail account.
Reddit user InternetOfficer stated, “The password that I generally use for other services is shown in this list and not my Gmail password. This proves that the hackers hacked into some other service where Gmail address (or other email addresses) are used and got the password of that service not Gmail password.”
Google have stated that they have seen no evidence that their systems have been successfully hacked but did confirm that some users have been asked to change their password.
In a security blog released by Google, it stated, “We found that less than 2% of the username and password combinations might have worked, and our automated anti-hijacking systems would have blocked many of those login attempts. We’ve protected the affected accounts and have required those users to reset their passwords.”
As cybercriminals are developing more sophisticated methods of attacks, it is vital that security measures are in place and regular updated. It is recommended that strong, different passwords are used for different accounts to ensure that access cannot be obtained to multiple accounts through obtaining one password.