Here they are again, not being evil.
At all, ok?
Yes, whilst the tech world was busy thinking about which nudey pics might pop out of the iCloud next something a bit more important was happening.
Why so? Well, awful though the celeb iCloud hack was, it only affected a small number of individuals. Meanwhile, yesterday, almost 5 million individual GMail accounts had been compromised and their details splattered all over the web as Freedom Hacker reported:
In what appears to be an unknown attack, hackers have dumped over 5,000,000 valid gmail username and passwords on the Internet early Wednesday morning.
Unknown hackers have leaked over five million valid credentials pertaining to Google Mail logins early this morning. The random dump of passwords first appeared on reddit’s netsec section linking to the another website hosting the leaked gmail accounts.
The .txt file of all leaked gmail usernames was found on BitCoin security (forum in Russian), where the leak is believed to be first offloaded. The file of leaked emails does not contain any passwords or other sensitive information, only full gmail email addresses.
As the leak was posted only hours ago, Reddit users are warning each other not to enter any email username or password combinations into any websites “to check if your password is secure.” It appears scams are already appearing or Reddit users are getting ready for the scams to come.
Where the leaked emails originated from remains unknown, but many are speculating the email addresses were leaked from another website or a compilation of other websites and not from Google itself.
Others have stated this is the result of phishing attacks, malicious attacks, and the use of weak passwords. Just last week we saw Apple state celebrities nude photos were leaked due to weak passwords.
The exact number of email addresses leaked is 4,929,090 and a number of users online have already identified their accounts inside the leaked database. The accuracy of the leaked gmail database has not yet been verified, but has been reported that upwards of 60 percent of login credentials are valid and working.
It is highly recommended you change your gmail password regardless and turn on a form of two-factor authentication to heighten security and prevent any possible future attacks.
Many are urging others to switch to alternative secure email providers to prevent future attacks.
Google’s response as reported by Freedom Hacker?
Yes, all systems were working as they should which means that these things can happen but since it’s all working as it should then what exactly is your problem?
Sounds awfully familiar, doesn’t it?
Anyway, we know their are many BlackBerrians who came over from the rusty robot and brought their GMail accounts with them and others who merrily use them on the PC with so, courtesy of BGR here’s how to check if you have been compromised.
By the way, if you have it’s not Google’s fault, ok? Everything is working normally.
First and foremost, visit the following website:
Enter your Gmail email address in the field near the top of the screen and you will be notified immediately if your account was exposed in this latest breach. And just to prove to affected users that this is a legitimate issue, the site will display the first two characters of your password if your credentials were leaked.
So, what should you do if your account is now exposed?
Immediately visit the following link:
Clicking on the Security tab on this page will allow you to change your password, and you should do so immediately.
Now, whether or not your login was leaked in this most recent hack, you should take this opportunity to enable 2-step authentication on your Google account.
On the same page linked above, the Security tab shows a “2-Step Verification” listing. Click the settings link next to it and you’ll be walked through the setup process. For those who are unaware, 2-step authentication will text a unique temporary security code to a phone number you provide during the setup. Then, that code must be entered each time you log into your Google account from a new device or with a new service.
So, there you go. 5 MILLION accounts hacked and no one to blame.
Oh, and you think this is unusual? Just for fun why not Google ‘Gmail Hacked’ and watch your search engine explode.
Still, at least you can trust Google with everything on your Android phone…
Let’s hope so.
Since they record just about every keystroke, never mind all your photos, documents, videos etc and upload it to Google Drive…
YOU DID ALREADY