Almost five million usernames and passwords that were reportedly taken from Google's Gmail accounts had been leaked online last Tuesday on a Russian Bitcoin security forum.
Several data breaches were said to be the main cause of such inconvenient occurrence, and majority of the leaked passwords had been identified as three years old or more.
Despite the hacking incident having leaked mostly outdated information, it has been strongly suggested by security experts that users should update their passwords in a regular manner, especially when data breaches occur.
It has also been recommended that Gmail users should not overlook the two-step authentication process that provides increased information security.
With Google becoming associated with hacking incidents more than a few times in the past months, the company has released a statement regarding the latest hack attack and the security of their users' information.
"The security of our users' information is a top priority for us," a Google spokesperson commented. "We have no evidence that our systems have been compromised, but whenever we become aware that accounts may have been, we take steps to help those users secure their accounts."
Moreover, Google claimed that the adverse impact of the hacking incident was strongly exaggerated.
"We found that less than 2% of the username and password combinations might have worked," Google stated in an official blog post, "and our automated anti-hijacking systems would have blocked many of those login attempts."
Following the incident, news sites have put forward the site IsLeaked.com as a simple solution for Gmail users to check if their account information had been included in the data that were breached and leaked. A day after, the site itself became unavailable, possibly overloaded with a considerable number of visitors checking for their personal information.
Google insiders have insisted that, as no internal systems were breached and illegally accessed, the company has concluded that the said data breaches were a result of an individual obtaining usernames and passwords from computers that have been infected by malware. This has been deemed as the main explanation as to why the list of hacked and leaked account information seemed to be pulled in from much older lists.
