On September 10, 5 million Gmail accounts and passwords appeared on a forum on a Russian Bitcoin website. Luckily information about this news is still surfacing, like the fact that some of these account names and passwords aren’t very recent. Some go back as far as three years, though considering most people don’t change their passwords very often, there is room for concern.
Google has since confirmed that there was no breach, though. So how did all these accounts and passwords leak? As it turns out, people have a bad habit of using one password for multiple accounts, including third party accounts separate from Google. Most of these third party sites require an email in order to contact the user or send him or her updates. Those third party sites are the ones that were hacked, and the account names and passwords were taken.
While many people are panicking about the situation, it is worth noting that most of the accounts are Russian, though there certainly are English ones on the list, and that 60% are actually active. Even so, Google has told users to check their accounts and to strengthen their passwords.