{"id":3791,"date":"2014-09-13T02:10:10","date_gmt":"2014-09-12T18:10:10","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=3791"},"modified":"2015-09-09T19:36:46","modified_gmt":"2015-09-09T11:36:46","slug":"google-leak-5-million-e-mail-account-passwords","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2014\/09\/google-leak-5-million-e-mail-account-passwords\/","title":{"rendered":"Google DID NOT Leak 5 Million E-mail Account Passwords"},"content":{"rendered":"<p>So a big panic hit the Internet a couple of days ago when it was alleged that Google had leaked 5 Million e-mail account passwords &#8211; and these had been posted on a Russian Bitcoin forum.<\/p>\n<p>I was a little sceptical, as Google tends to be pretty secure on that front and they had made no announcement regarding the incident. The news was published on a number of fairly high profile, legitimate news sources as though it was real (<a href=\"http:\/\/time.com\/3318853\/google-user-logins-bitcoin\/\">TIME<\/a>, <a href=\"http:\/\/sanfrancisco.cbslocal.com\/2014\/09\/10\/how-to-check-if-your-google-gmail-account-is-among-5-million-usernames-passwords-leaked-to-russian-bitcoin-site\/\">CBS<\/a>, <a href=\"http:\/\/www.fastcompany.com\/3035558\/fast-feed\/passwords-for-5-million-google-accounts-leaked\">FastCompany<\/a>, <a href=\"http:\/\/www.ibtimes.com\/5-million-gmail-usernames-passwords-hacked-posted-russian-bitcoin-forum-report-1684368\">IBT<\/a>, <a href=\"http:\/\/www.independent.co.uk\/life-style\/gadgets-and-tech\/news\/5-million-google-account-details-leaked-on-russian-bitcoin-forum-9725030.html\">The Independent<\/a> &#038; many more).<\/p>\n<p align=\"center\"><img decoding=\"async\" src=\"https:\/\/farm4.staticflickr.com\/3852\/15217512042_ae73f63860.jpg\" alt=\"Google Password Leak\" \/><\/p>\n<p>Some may say the whole thing was just an elaborate e-mail farming excercise as many articles cited a domain <em>IsLeaked.com<\/em> which <a href=\"http:\/\/jameswatt.me\/2014\/09\/10\/isleaked-com-registered-2-days-before-gmail-leak-public\/\">registered a mere 2 days before<\/a> the huge password leak..by Russians.<\/p>\n<p>Plenty of room for conspiracy theories here.<\/p>\n<blockquote><p>In some cases, those alleged breaches are not quite what they seem to be. Case in point is a report first posted to a Russian Bitcoin forum site that information on nearly 5 million Google account holders was breached this week.<\/p>\n<p>Any alleged attack against Google is noteworthy, and 5 million accounts is also a significant number. That said, the bigger questions that always should be asked in any breach coverage center on what was stolen and whether there is any real impact.<\/p>\n<p>As a professional, facts are my currency, and speculation is just a cheap narcotic. So when I initially saw the first Google account breach reports, I held off on writing until the facts were revealed.<\/p>\n<p>The facts are that Google itself was not breached and 5 million users are not actually at risk.<\/p>\n<p>In a blog post Sept. 10, Google claimed that less than 2 percent of the username\/password credentials in the Russian breach list were actually valid.<\/p>\n<p>To add further fuel to the fire, Google noted that its automated anti-hijacking systems would limit the risk on the 2 percent that might be affected. Additionally, Google is now telling those people in the 2 percent list that they are required to reset their passwords.<\/p><\/blockquote>\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3033787195489589\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- Darknet Responsive Post Ad Links [previously link ad unit] -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-3033787195489589\"\r\n     data-ad-slot=\"5456620019\"\r\n     data-ad-format=\"auto\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script>\n<p>Google did release something later about this &#8216;compromise&#8217; and stated that less than 2% of the leaked e-mail addresses were valid credentials and all those that might have been effected have had their passwords forcibly reset.<\/p>\n<p>The Google announcement is here: <a href=\"http:\/\/googleonlinesecurity.blogspot.com\/2014\/09\/cleaning-up-after-password-dumps.html\">Cleaning up after password dumps<\/a><\/p>\n<p>They also stated categorically that the leaked account details were not due to a compromise of any Google systems.<\/p>\n<blockquote><p>So to recap, it wasn&#8217;t 5 million &#8220;real&#8221; passwords, and of those that might be real, there is little user risk. It also was not actually an attack directly against Google&#8217;s infrastructure either.<\/p>\n<p>&#8220;It&#8217;s important to note that, in this case and in others, the leaked usernames and passwords were not the result of a breach of Google systems,&#8221; Google stated. &#8220;Often, these credentials are obtained through a combination of other sources.&#8221;<\/p>\n<p> So what does that mean? Simply put, Google account information is also used on non-Google systems and also might be stored outside of Google&#8217;s control or influence. An attacker can get a user account by a breach of a third-party system or more likely via a phishing attack against a user.<\/p>\n<p>In this case, Google has made it painfully obvious that the risk is low with this credentials breach. Aside from the fact that only 2 percent of the account information might be valid, Google&#8217;s efforts to protect its users and its systems from attacks are exemplary. Alerting users to the potential of a highjack and requiring a new password is an excellent best practice.<\/p>\n<p>The use of other security tools and techniques to detect anomalous account behavior is also admirable. As I&#8217;ve written in the case of the Apple iCloud security incident, it is incumbent on Internet vendors and online services to proactively defend users against fraud, and that&#8217;s precisely what Google is doing.<\/p><\/blockquote>\n<p>So basically yah, this is a whole lot of non-news about something that didn&#8217;t really happen. Either way, keep your accounts safe and <a href=\"https:\/\/www.google.com\/landing\/2step\/\">set up 2FA please<\/a>.<\/p>\n<p>But it does show once again, Google is up on the security of its userbase and it intends to keep everyone safe. Because they need your data, that&#8217;s how they make money.<\/p>\n<p>Source: <a href=\"http:\/\/www.eweek.com\/security\/the-google-password-hack-that-wasnt.html\">eWeek<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>So a big panic hit the Internet a couple of days ago when it was alleged that Google had leaked 5 Million e-mail account passwords &#8211; and these had been posted on a Russian Bitcoin forum. I was a little sceptical, as Google tends to be pretty secure on that front and they had made [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"So did Google get hacked and leak 5 million E-mail Account Passwords on a Russian Bitcoin forum? No it didn't - read the article for details.","_seopress_robots_index":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[31,17],"tags":[1573,2486],"featured_image_src":null,"featured_image_src_square":null,"author_info":{"display_name":"Darknet","author_link":"https:\/\/www.darknet.org.uk\/author\/darknet\/"},"_links":{"self":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/3791"}],"collection":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/comments?post=3791"}],"version-history":[{"count":0,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/3791\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/media?parent=3791"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/categories?post=3791"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/tags?post=3791"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}