Google: No compromise, likely massive phishing database
A large text file billed as a list of usernames and passwords for more than 4.9 million Google accounts is likely a collection of credentials from different sources, not from a breach of the company’s systems, Google stated on Wednesday.
The file was leaked to the Bitcoin Security board on Tuesday by a user known as “tvskit” who claimed that more than 60 percent of the passwords were good, according to translated content on Russian news site RT. Yet, in its own analysis, Google found that only 2 percent of the credentials would have worked and that an even smaller number had been used successfully.
“Our automated anti-hijacking systems would have blocked many of those login attempts,” the company’s spam and abuse team said in the analysis. “We’ve protected the affected accounts and have required those users to reset their passwords.”
The large file of credentials is the third to be dumped to Russian Internet forums in recent days. Files that allegedly contained the usernames and passwords for 4.7 million Mail.ru and 1.3 million Yandex accounts, two popular Russian Internet services, were also leaked online, according to RT. Both companies have said that the files were rife with invalid, obsolete and fake accounts, the news service stated.
The files are likely a collection of usernames and passwords built up over time from a variety of breaches, Google said. Passwords leaked from other websites or stolen through phishing can often be collected into large credential databases.
“If you reuse the same username and password across websites, and one of those websites gets hacked, your credentials could be used to log into the others,” Google’s spam and abuse team said. “Or attackers can use malware or phishing schemes to capture login credentials.”
Google recommended that its users create a strong password for their account, use the 2-step authentication process, and make sure that they have their recovery options set up correctly.