According to a report which surfaced today, roughly 5 million passwords associated with Gmail accounts, or at least passwords that were once tied to Gmail accounts, have been leaked online.
Coming out of Russia, it has been found that many of the passwords are either old passwords, or are actually passwords associated with other accounts for the same user. For example, instead of the password being tied to your Gmail, it could actually be to your old Yahoo or Pokemon Creed account. Yes, Pokemon Creed is a real thing.
Now, it should be noted that this leak does not appear to be due to a breach of Gmail’s security. Instead, this is likely a dump of year’s worth of phishing, and if your information was in this leak, then we recommend that you stop filling out shady emails that might hit your spam folder from the IRS and the FBI. In fact, to take it one step further, maybe look into Google’s 2-step authentication? It is always better to be safe than sorry.
To see if your account has been hijacked, you can use this online tool to do so.