MOUNTAIN VIEW, Calif. — A list of 5 million Gmail addresses and passwords appeared on a Russian Bitcoin forum Wednesday.
It is still unclear how anyone obtained the vast collection of usernames and passwords. Google says its servers were not breached. The list appears to be a collection of passwords exposed in previous hacks — likely on users’ own computers, not Google’s systems.
“We have no evidence that our systems have been compromised,” said Google spokeswoman Caroline Matthews.
In fact, there’s no telling yet whether the list is even authentic, the company said.
The list has since been taken down, but there is a tool that allows you to easily check if your account has been compromised.
Simply type your email address into this Security Alert tool to see if your account has been exposed.
Note: This website is getting lots of traffic today, so if you don’t get it at first, please try again later.
Google is warning affected users to take steps to further protect their Gmail accounts, such as creating a stronger password and using an extra security feature called two-step authentication.