Almost 5 million Gmail addresses and their passwords have been compromised and leaked on a Russian Bitcoin forum. Admins on the forum have removed the passwords from the text file, but the Internet is forever, so if your username is among those that have been hacked, you should change your password immediately.

Luckily, there’s a quick tool you can use to figure out if your account information was leaked. Just head to http://isleaked.com/en.php and input your email address. [Edit: If you’re wary of inputting your email address on a site you’re not familiar with, the best course of action is simply to change your password as a precaution. Update: For added assurance, we reached out to isleaked.com via email, and they pointed out again that you can substitute a few asterisks so as not to give up your full email address and assured us that they aren’t collecting the email addresses entered.] It’ll tell you whether or not you need to change your password and then helpfully remind you that you probably should do that regularly anyway, which you totally do, right? (Yeah, neither do we.)

According to The Daily Dot, Google representatives told Russian media a lot of the data is outdated, and the user who posted it claims that around 60% of the passwords are current. Also leaked were accounts for Russian services Mail.ru and Yandex, and it appears the data was collected over years of phishing efforts and other hacks without actually compromising any of the companies’ databases.

Here’s a fun comic about how to make your password hard to steal (aside from not clicking links from rich foreign princes).

(image via Cairo)

Previously in digital security issues

Are you following The Mary Sue on Twitter, Facebook, Tumblr, Pinterest, & Google +?

Have a tip we should know? tips@themarysue.com