WASHINGTON, Sept. 10 (UPI) -- An archive containing approximately five million Gmail addresses and passwords were dumped in an online forum Tuesday with 60 percent of them valid, claimed the user who posted them.
"We can't confirm that it is indeed as much as 60 percent, but a great amount of the leaked data is legitimate," said Peter Kruse, the chief technology officer of CSIS Security Group.
The user, identified only by the online name "tvskit," posted the data to a Bitcoin security forum.
Kruse told PCworld that the company does not believe the leak came from within Google itself, but was collected from other data breaches and compiled into one archive. This means that many of the usernames and passwords do not correspond to Google accounts, but to online accounts where users use their email addresses as their log-in.
"The security of our users is of paramount importance to us," said a Google representative. "We have no evidence that our systems have been compromised, but whenever we become aware that an account has been compromised, we take steps to help our users secure their accounts."
Users are encouraged to change their log-in names and passwords on all accounts associated with the email. The website isleaked.com allows users to check if their information to see if it has been hacked.