Google denies breach after hackers leak millions of user logins

Google has denied that its computer systems were breached and downplayed the threat after hackers claimed to have leaked 4.9 million Gmail logins.

Hackers posted what they claimed were the email addresses, usernames and passwords of nearly five million Gmail customers, exposing them to identity theft.


The data was first posted on a Bitcoin security forum called by a hacker using the name of “tvskit”, who claimed that 60% of the entries were valid.

But Google said the data is probably a collection of credentials from different sources, and that only 2% of the credentials were correct and an even smaller proportion could be used to access accounts.

“Our automated anti-hijacking systems would have blocked many of those login attempts,” the company’s spam and abuse team said.

The team added that the affected accounts were now protected as the account holders had been forced to change their passwords.

The cache of credentials is the third of its kind to appear on Russian internet forums in recent days, according to Ars Technica.

Files that allegedly contained the login credentials of 4.7 million and 1.3 million Yandex accounts were also leaked online.