Approximately 5,000,000 Google accounts leaked on Russian Bitcoin Forum

Thank you very much for the alert.

In regards to the reddit link, does anyone happen to know if the file in the OP is safe to download? Additionally, is the website, isleaked.com, which is listed in the discussion legit?

As already stated, I wouldn't enter my email address into a site I'm unfamiliar with.

Furthermore, I would suggest those contemplating the use of the site consider reading the following article first.
http://jameswatt.me/2014/09/10/isleaked-com-registered-2-days-before-gmail-leak-public/

While it has yet to be determined if the website, isleaked.com, is legit or not, the discussion on the webpage from that link in your post seems to lean toward the possibility that the website is probably legit because of the history of the site's establishment in addition to the history of the other types of email accounts that were leaked. The site was originally in response to the yandex and mail.ru leaks. Subsequently, the site incorporated the gmail accounts from the gmail leak as its third type of email search. With that said, it's also possible that the site is actually a false front and appears to seemingly be helpful and safe when it actually is unsafe and unhelpful (and really harmful.) As of right now, it cannot be determined with certainty if the site is safe or unsafe.

A password redacted version of the leaked file was then posted in the /netsec/ subreddit, which can be used to determine if your account was in the leak. Numerous people in /netsec/ have confirmed that their accounts and the corresponding passwords were listed in the leak.

It is strongly suggested that you change your Google account password to be safe. If you use the same email and password at other sites, you should change it there as well.

 

Dear Grinler:

 

I need some assistance.  I have a few gmail accounts, which means to follow the directive is to change the password for all of them.

 

You have shared the posted link, how do I use this?  I clicked on the link, and quite frankly I had not a clue what to do? (I am not a member for a start?)

 

I would be simply thrilled, if there is someone who can help me figure out how I would enter my multiple gmail accounts to see if they are listed, before I start changing passwords?

 

I love to follow instructions and I am patient, if that helps anyone willing to teach me!

The Reddit link has a strike through to indicate it has changed. The link goes to an edited subreddit with every comment made deleted. Therefore any link to a text document within that subreddit no longer exists.

Oh phooy Animal!  I must have missed it by a few minutes!    LOL...Thank you very much for letting me know.

Changing passwords is far easier than trying to translate Russian at the posted site!

 

Would I surmise then, that the pw change(s) is the best way to go? (Bummer.. )

 

Yes, password changes wont hurt at all and though this leak is probably old and wont affect you, it is better to be safe.

From post #13 link (quite the amazing blog!) the last entry shares this information:

 

 

Would I be correct in thinking that there is no longer any "safe site" to enter email addy's to check if they are not hacked?

 

Once I realized email was not an animal (no pun), I had the one and only prized email address.  As the years have passed and computer security has become a minute by minute concern, I decided that in lieu of having one email address where my every move could be traced, I decided to create multiple email accounts based on the categories in my life: personal, crafting, annonymous, secret friends, forums, etc. Most people think I'm crazy, however I can promise you, to figure out most of my email addresses is rather difficult!  And remembering passwords is like doing a Sudoku puzzle book..it keeps my mind active.

 

Who would have thought that the most valuable people now days, are "YOU" the voluteers working 24/7 for people like me to stay informed and computer safe! Thank you thank you thank you!

 

Any further ideas regarding this situation ~ let me know!

 

nademoh

Google Responds to Gmail Password Dump

Anyone had that condition?

Edited by Naathim, 11 September 2014 - 04:22 AM.

   Arghh, I just changed all my Gmail account passwords after the Heartbleed incident...

 

Sez here, from the Google Online Security Blog, "We found that less than 2% of the username and password combinations might have worked, and our automated anti-hijacking systems would have blocked many of those login attempts. We’ve protected the affected accounts and have required those users to reset their passwords."

 

 

I've logged into both of my Gmail accounts and was not presented with the need to reset my brand-new-super-complicated-just-remembered passwords.

 

Anyone else been presented with this requirement?

 

 

Here's the link to the Google Blog.

 

Despite all the frustrations and the need to filter out all the "oh-noes" type of reporting that goes on out there on the WWW, I do want to pause amid the din and say, "thanks" again to Bleeping for helping us non-techie types work our way through all this.

 

Winterland

 

 

 

amongst those of you who have downloaded the text file would anyone be willing to search through it and tell me how many of the email addresses in it contain a certain string of characters (i'l  PM that string of characters to anyone who agrees to help). The characters i want the list searched for are any email adressess containing a particular 6 letter sequence, and if someone would be kind enough to search the list for me could they please tell me all the addresses containing that sequence (i doubt any but mine would contain these particular letters, they are a weird combination). As an example, if the character string was xyzwvg (it isn't) then would anyone list the email addresses leaked which contain the string, for example: "i searched the list and found: whyxyzwvgme@gmail.com , iwishxyzwvgitwasntme@gmail.com, ifitwerexyzwvganyoneelse@gmail.com  ". 

I already used isleaked.com.Any idea what to do?I was stupid and inputed my email.

 

 

Thank you very much for the alert.

In regards to the reddit link, does anyone happen to know if the file in the OP is safe to download? Additionally, is the website, isleaked.com, which is listed in the discussion legit?

As already stated, I wouldn't enter my email address into a site I'm unfamiliar with.

Furthermore, I would suggest those contemplating the use of the site consider reading the following article first.
http://jameswatt.me/2014/09/10/isleaked-com-registered-2-days-before-gmail-leak-public/

 

As of right now, it cannot be determined with certainty if the site is safe or unsafe.

 

 

Which is why it would better to avoid the use of the website. 

I already used isleaked.com.Any idea what to do?I was stupid and inputed my email.

The best thing you can do is change your password. 

Changed my password.I panicked and i wanted to make sure everthing is ok,then i make more problems.But i noticed one thing about isleak :you don't need your full email,you can censor some parts with ****.

Which is why it would better to avoid the use of the website.

Yeah, evidently, it is best to avoid the website. I was concisely summarizing the dubiousness of the website on here for all users in general to read it without going to the link which you provided or elsewhere, including isleaked.com.

Can somebody explain how this email collector websites work?(sorry for bad english)

Can somebody explain how this email collector websites work?(sorry for bad english)

Allegedly, the website checks the entered email address with the database of emails on the leaked list.