Today, it was reported that a Russian Bitcoin Forum was the location of a massive leak of approximately 5 million GMail usernames and passwords. The list was reportedly posted on Tuesday, according to Russian site, CNews. According to the poster of the list, approximately 60% of the accounts were still accurate.
However, the “leak” appears to be a list of passwords that were phished and scammed from users over a length of time, and many may have already been updated or the accounts themselves are long since inactive and/or suspended.
The leak also includes account information from Yandex, the largest Russian search engine.
According to Google and Yandex via CNews, their systems have not been compromised, hence the theory that the list of accounts were from various phishing attempts over time. If you’re not certain and want to be safe, it is best to change your password. Changing any and all account passwords on a regular basis is always a good idea and security practice.
A site, https://isleaked.com/en.php, is using the leaked list and running a search of it to find potentially compromised accounts. You can enter your GMail address into the form, and it will search. If you do not want to enter your email address, you can enter portions of the address and it will search for similar patterns. For example, entering du****7**gmail.com will match any email address with those characters that might be on the list.