Nearly 5 million Gmail usernames and passwords were leaked on a Russian Bitcoin forum on Tuesday, though the email giant has assured users that their security is not at stake.
The majority of the account names and passwords posted to btcsec.com appeared to be out of date, according to Google. However, the forum user, named tvskit, who uploaded the records claimed that of the 4,929,090 records some 60 percent of them are valid.
The list was removed from the Russian website on Wednesday.
A representative for Google reported that the private information could have been stolen over the course of several years through phishing and hacking of each account. The representative stated that the Google system was never breached.
“The security of our users’ information is a top priority for us,” the representative said. “We have no evidence that our systems have been compromised, but whenever we become aware that accounts may have been, we take steps to help those users secure their accounts.”
Google claimed in a blog post that only two percent of the username and password combinations still worked, and that those affected by the uploaded records have been required to reset their passwords.
Peter Kruse, the chief technology officer of cyber security firm CSIS Security Group, told PC World that the data is likely as much as three years old and compiled from historical hacks.
Google suggested that Gmail users concerned over their security should change their passwords if they haven’t in some time. However, the company verified that users are not required to take any further action.
Wary Gmail users can visit isleaked.com/en.php to see if their account information was included in the leak.