Google Advises Gmail Users To Change Their Passwords Due To Possible Data Breach

Over 5 million combinations of stolen usernames and passwords were posted in an online forum on Tuesday, PC World reported.

The log-in credentials were posted by user "tvskit" on the Russian Bitcoin security forum btsec.com. Many of those posted are Gmail account details and is believed that over 60 percent of them are valid details.

Tech experts, on the other hand, cannot confirm the actual percentage of the valid data but maintained that many of the passwords, usernames and email addresses came from actual accounts of people, according to Tech Times.

"We can't confirm that it is indeed as much as 60 percent, but a great amount of the leaked data is legitimate," Peter Kruse, the chief technology officer of Danish security firm CSIS Security Group said.

Most of the details revealed in the forum belonged to Gmail and Google accounts. However, according to Kruse, most of these might have been taken by the cyber attackers from other websites where users logged in user their Google or Gmail credentials.

"We believe the data doesn't originate from Google directly," he said. "Instead it's likely it comes from various sources where users have used their Gmail addresses as the user name."

After learning about the possible security breach, Google immediately sent out notifications to users whose account details were included in the posted list, USA Today reported.

"The security of our users is of paramount importance to us," a representative from Google said in a statement. "We have no evidence that our systems have been compromised, but whenever we become aware that an account has been compromised, we take steps to help our users secure their accounts.

Even if some of the details did not come from Google accounts, the company advised users to change their passwords as a precaution. Gmail users should also activate a two-step authentication process to ensure the protection of their accounts.

Those who are worried about the security of their online accounts can visit the site isleaked.com to check if their Gmail address was included in the list.