About 5 million Gmail passwords and account names were posted on an online forum Tuesday. While it is reportedly old data, nearly 60 percent of the credentials found inside were considered valid.
The passwords and IDs were posted on a Bitcoin security forum called btcsec.com by a user named tvskit.
“We can’t confirm that it is indeed as much as 60 percent, but a great amount of the leaked data is legitimate,” said Peter Kruse, the chief technology officer of CSIS Security Group, to PCWorld.com. CSIS Security Group is a Danish security company that deals with cybercrimes for banks and law enforcement.
CSIS researchers have concluded that the information could be up to 3 years old.
The Gmail passwords and account names were believed to not have come from Google, but instead from third-party websites where users had their Gmail information stored.