Several sources are reporting that up to 5 million older Gmail and Yandex email accounts have been compromised and passwords stolen. The breached information was then posted to a Russian Bitcoin forum by forum member “tvskit”.
The Daily Dot reports that a forum poster, known as “tvskit,” posted a list of 4,930,000 email addresses and passwords on Russian Bitcoin forum BTCsec. It was claimed that around 60% of the passwords were valid, although forum administrators quickly removed the file and redacted the passwords.
Reports indicate that most of the compromised emails are either deactivated or have not been in use for several years. There is no indication as to what level of threat current users are under but it might not be a bad idea to change your password and make sure two factor authentication is active on your Google account.
Representatives from Google and Yandex explained to CNews that the list of email addresses was created by combining lists of compromised email addresses from previous years, and that no new accounts had been compromised.
This breach may have been on old data that may or may not be relevant, but it does prove that breaches are occurring more often. Now is the best time to protect yourself, use better passwords, enable two-factor authentication, and generally re-educate yourself on proper Internet security and safety.