A list of 5 million Gmail addresses and passwords appeared on a Russian Bitcoin forum Wednesday.
It is still unclear how anyone obtained the vast collection of usernames and passwords. Google says its servers were not breached. The list appears to be a collection of passwords exposed in previous hacks — likely on users’ own computers, not Google’s systems.
“We have no evidence that our systems have been compromised,” said Google spokeswoman Caroline Matthews.
In fact, there’s no telling yet whether the list is even authentic, the company said.
However, Google is warning affected users to take steps to further protect their Gmail accounts, such as creating a stronger password and using an extra security feature called two-step authentication.
In the meantime, there is a tool that allows you to easily check if your account has been compromised.
Simply type your email address into the IsLeaked tool to see if your account has been exposed.
Due to the high volume of people trying to check their accounts, the site is experiencing a gateway error. If you get an error message, reload the page or check back a little later, Life Hacker suggests.