Almost 50 lakh usernames and passwords of Gmail users have been leaked to a Russian forum, although Google has denied any breach in its servers. The Russian forum admins have now removed all the mentioned passwords and have only left the usernames on the page in question.
A Google spokesperson said that the company had no evidence to believe that its servers had been breached to procure the user information and if it did, it would have informed users immediately.
The leaked usernames themselves seem to point towards primarily English, Russian and Spanish account holders and, according to The Next Web, seem to have been accumulated over some time.
Here’s how to find out — and what to do if your Google username and password were exposed in the breach.
First and foremost, visit the following website:
Enter your Gmail email address in the field near the top of the screen and you will be notified immediately if your account was exposed in this latest breach. And just to prove to affected users that this is a legitimate issue, the site will display the first two characters of your password if your credentials were leaked.
So, what should you do if your account is now exposed?
Immediately visit the following link:
Clicking on the Security tab on this page will allow you to change your password, and you should do so immediately.
Now, whether or not your login was leaked in this most recent hack, you should take this opportunity to enable 2-step authentication on your Google account.
On the same page linked above, the Security tab shows a “2-Step Verification” listing. Click the settings link next to it and you’ll be walked through the setup process. For those who are unaware, 2-step authentication will text a unique temporary security code to a phone number you provide during the setup. Then, that code must be entered each time you log into your Google account from a new device or with a new service.