Warning! Your Password has been stolen!

Posted on September 12, 2014 by Glen

5 million Gmail passwords leaked onto the web in another Russian hack Yikes! Read on…

Cameron Koch writes:

“If you are a user of Gmail, now might be a good time to change your password.

The passwords and email addresses for close to 5 million Gmail accounts have been posted to a Russian Bitcoin forum in the form of a text file. While forum admins were quick to remove any and all passwords from the file, there is no doubt some accounts are now compromised.

A Google representative told the Russian media that the majority of the passwords featured in the text file are old, or used for accounts that have been suspended. The original poster of the file, going by the name tvskit, claims more than 60 percent of the passwords work.

Aside from Google, thousands of login credentials for Russia’s largest search engine, Yandex, were also included in the leak.

The security breach looks like it is a list of login credentials acquired over a long period of time through phishing and hacking of individual accounts, as opposed to wide-scale breach of system security. Both Google and Yandex say their systems were never compromised.

Still, it never hurts to be safe. If you want to check and see if your account may have been compromised, you can use this site. Even if your email isn’t compromised, it is always a good idea to regularly change your password and enable two-step authentication.

This latest leak is just the latest breach in security to come from a Russian source. In early August The New York Times reported a Russian crime ring had assembled a similar list of more than 1.2 billion user name and password combinations, with more than 420,000 websites reportedly affected.

The high-profile Target hack also came from a Russian source and saw more than 40 million credit card numbers stolen alongside 70 million addresses, phone numbers and other personal data. Those same hackers may also be responsible for a similar hack targeting Home Depot. There is currently no word on the extent of the hack, but the company says that those who have used a credit or debit card in the store since April may be at risk.

Let this serve as a friendly reminder to all: don’t click strange links, don’t answer foreign emails and be sure to change your password regularly. It doesn’t look like these kinds of attacks against websites and businesses will be going away anytime soon.”

SO, what to do? I suggest heading to this web site: https://haveibeenpwned.com/

Enter your email address(es) and if you’re lucky, you’ll see something like this:

 pwnd1

And if you’re not, you’ll get this response (yeah, that’s what came back when I checked one of my accounts – grrr):

pwnd2

In which case I strongly suggest you take a moment and change your password – do it now!

Sure, they could have an old password. Who knows? The fact is, there are lots of people out there that are intent on cracking your password and getting access to your stuff. Your job is to make it hard for them to do that.

If you haven’t done so already, head over here for more tips on staying safe in our ‘connected’ world.

About Glen

Profile information
This entry was posted in Tips. Bookmark the permalink.