A database containing nearly million login and passwords for Google accounts has been leaked online on a Russian cyber security internet forum.

A database containing 5 million alleged Google login and password has been leaked online on a Russian cyber security internet forum. The news was spread by online media agencies, including RT.com. The huge archive is in text file format and includes credentials for alleged compromised Google accounts, the database was published on Tuesday on the Bitcoin Security board, but in time I’m writing is is no more accessible. The list is mainly composed of accounts belonging to Google users that could be used by threat actors for the entire family of services offered by Google, from the Gmail mail service to the G+ social network.

According to RT the list includes 4.93 million entries, but for obvious reasons the forum administrators haven’t disclosed the passwords leaving only the logins in the purged list.

The figure is impressive and the repercussions under the security perspective are serious, the user on the forum with nickname “tvskit“ who published the file claimed that 60 percent of the passwords are valid.

“The forum user tvskit, who published the file, claimed that 60 percent of the passwords were valid, with some users confirming that they found their data in the base, reports CNews, a popular Russian IT news website.” reported the post from RT.com.

Google Russia immediately started the investigation of the alleged data breach, and announced that in any case it will encourage its users to adopt strong passwords and enable the two-factor authentication process implemented by the company for its services.

The disclosure process is similar to other data leaks for compromised accounts belonging the Russian web services, unfortunately data breaches are becoming events very frequent worldwide. A few days ago the Russian web services Mail. Ru and Yandex suffered announced the leaks of user account credentials of 4.66 and 1.26 million accounts respectively.

In the cases reported by Russian Internet Giants Mail.ru and Yandex, according to the experts, the majority of the accounts leaked were obsolete or no more active. The company confirmed that their databases were not compromised and claimed that the leaked data was collected over the time through other kind of attacks, like phishing attacks or malware based attack, against the end-users. A similar defense was recently sustained by Apple in the case of the leak of celebrities’ naked photos online, also in that case the company revealed that its iCloud architecture was not compromised and that the users were victim of other form of direct attacks.

Stay tuned for further info.

Pierluigi Paganini

(Security Affairs – Google account credentials, data breach)