Google responds to Gmail password leak
After it was reported that a list containing as many as 5 million usernames and passwords from Google's Gmail users was leaked online, Google is responding by saying that its servers would have blocked suspicious log-in attempts. Noting that only 2 percent of the password and username combos would work, Google says it has protected affected accounts.
"We found that less than 2% of the username and password combinations might have worked, and our automated anti-hijacking systems would have blocked many of those login attempts," the search giant said. "We've protected the affected accounts and have required those users to reset their passwords."
Google said that if it notices anything unusual with your account, it would block sign-in attempts from devices and locations that are unfamiliar.
Still, like Apple's high profile iCloud fiasco that resulted in leaked nude images of celebrities earlier in the month, Google says that its leak is not because of a security breach and that these credentials were obtained through phishing, malware, or other means.
"It's important to note that in this case and in others, the leaked usernames and passwords were not the result of a breach of Google systems," Google emphasized. "Often, these credentials are obtained through a combination of other sources."
Are you a victim of having your password compromised? Did you change your password following this morning's news?
Get the Android Central Newsletter
Instant access to breaking news, the hottest reviews, great deals and helpful tips.
pass and user name they got into your Calendar, contacts, G+, settings, picasa you tube, drive, documents and whatever
google apks sensitive info we have.
Later i found the complete leak file, cointaining the passwords, checked mine and it was a password used on some old service or online game. i've never used that password on my gmail account. false alarm! i can't remember exactly which service/game was responsible for that leaked credentials.
my login was that gmail address, and the password was one of my generic-disposable-passwords which i often used for signing up to services, online games, beta tests etc usually if i stick to the game/service etc i change to a more secure and unique password. edit:
have some supects
a couple of old online games, mostly asian-mmorpgs that i've never played mora than once to test
and a forum about tv shows that i subscribed only to access some content and never checked it again. found entries of that password mailed to me in plain text, by those services, no wonder it was leaked TL;DR - old password from 2007 from dead websites, never used on gmail.
Not sure who said that, but it's true lol
1) It's years old.
2) It was most definitely a breach of another site (some forums, in my case) that shared the same password. Edit: Actually, the password was never even used for that throwaway email, so this is clearly a list from another service. IF some Gmail accounts were affected, it was because their Gmail account shared the same password as whatever service was breached.