In what appears to be an unknown attack, hackers have dumped over 5,000,000 valid gmail username and passwords on the Internet early Wednesday morning.
Unknown hackers have leaked over five million valid credentials pertaining to Google Mail logins early this morning. The random dump of passwords first appeared on [Only registered and activated users can see links. ] section linking to the another website hosting the leaked gmail accounts.
The .txt file of all leaked gmail usernames was found on [Only registered and activated users can see links. ] (forum in Russian), where the leak is believed to be first offloaded. The file of leaked emails does not contain any passwords or other sensitive information, only full gmail email addresses.
As the leak was posted only hours ago, Reddit users are warning each other not to enter any email username or password combinations into any websites “to check if your password is secure.” It appears scams are already appearing or Reddit users are getting ready for the scams to come.
Where the leaked emails originated from remains unknown, but many are speculating the email addresses were leaked from another website or a compilation of other websites and not from Google itself.
Others have stated this is the result of phishing attacks, malicious attacks, and the use of weak passwords. Just last week we saw [Only registered and activated users can see links. ].
The exact number of email addresses leaked is 4,929.090 and a number of users online have already identified their accounts inside the leaked database. The accuracy of the leaked gmail database has not yet been verified, but has been reported that upwards of 60 percent of login credentials are valid and working.
It is highly recommended you change your gmail password regardless and turn on a form of two-factor authentication to heighten security and prevent any possible future attacks.
Many are urging others to switch to alternative [Only registered and activated users can see links. ] to prevent future attacks.
[Only registered and activated users can see links. ]
Link to the txt file, Eset and MBAM said it was clean but check yourself too: