[pranxter]

Hey Folks,

You might have read about yesterday's huge dump of Gmail credentials in one of the Russian Forums which mainstream media has picked. One of the links here from TheNextWeb

Now, unfortunately my ID was in the list too and what prompted me to write to thread is the only place where I had used that password was here for the forums. I may have ticked the alarm bell ringing but if you have used gmail for this forum, kindly check if its indeed the password you use here. A site has been put (I have no affiliation with them nor do I generally recommend, but its only the email address that you need to enter) isleaked.com isleaked dotcom and the site would show the first two characters of the password.

I have gone through my credential list and can confirm the first two characters indeed match here and as a security best practice I do not re-use passwords and recommend the same to my customers.

Admins, request you to take actions as needed. Just to give some heads up, I am a Information Security Consultant

Prasanna

[prateekm]

This seems to be a huge collection of phished passwords, don't think that the Google database was compromised. A couple of my friends found their emails in the database, but the passwords were 2-3 years old.

[pranxter]

Quote:

Originally Posted by prateekm

This seems to be a huge collection of phished passwords, don't think that the Google database was compromised. A couple of my friends found their emails in the database, but the passwords were 2-3 years old.

Right. For mine, it wasn't the gmail password, but it was what I "had/have" used for logging into the forum here. Not necessarily it has to be the gmail password. Hence asking people to check if its indeed what they have used for logging into this forum

[alpha1]

Quote:

Yes! Account s*******@gmail.com is found! First two symbols of password is: pa. Immediately change your password!

MEH! Not even close. There is no "pa" in my gmail password.

[Soumyajit9]

Lucky me and wifey. Our email ids' did not feature in the search results.

Just FYI, the link points to Russian language website, and Google Chrome translator screws it up.
So try this link: https://isleaked.com/en

And just like in English movies, the apocalypse has major affect in Western Countries rather than India.

On a serious note, nevertheless, please do check if you are affected or not.

[filcord]

Quote:

Originally Posted by pranxter

....You might have read about yesterday's huge dump of Gmail credentials in one of the Russian Forums which mainstream media has picked. ...... A site has been put (I have no affiliation with them nor do I generally recommend, but its only the email address that you need to enter) isleaked.com isleaked dotcom and the site would show the first two characters of the password.
@terminalfix

I cannot see any first two characters of any password being shown. All it says is that my email address is included

[jkdas]

Guys, its not a new hack just collection of old hacks etc they had collected over years. You are safe if you change password regularly.

Please see that you always have a complex password (8-9 character long) with numbers/symbols/alphabets and never reuse account info on another forum/website.

[ramzsys]

Quote:

Yes! Account ramzsys@gmail.com is found! First two symbols of password is: fu. Immediately change your password!

That was the starting letter of my team-bhp(and many other forums long back). Never used that for google. So looks like google account data was not compromised.

[dass]

What is the credibility of this information? Has google confirmed that there has been a leak? my email address isn't there, but never the less, good idea to change the password.

[sushanthr77]

I really don't think that the website is legit. Please don't enter your email ids here.

[ani_meher]

If you want to check on that website, enter 3 stars, that is don't enter team-bhp@gmail.com, but enter team-***@gmail.com.

[DudeWithaFiat]

Quote:

Originally Posted by sushanthr77

I really don't think that the website is legit. Please don't enter your email ids here.

The NextWEB is a reputable technology website. I don't think they will provide a link to a malicious/scam website in their article.

[Hrishi_111]

That appears to be an old database (collection of compromised passwords over several years).

Anyone, who change his/her password frequently need not to be worried at all.
If you haven't changed the password for years, do it now without even looking for your ID in the list.

IMO, providing your Gmail IDs to these websites is not a good idea as well (risk of revealing your identity to unknown source), so refrain from doing it.

[OHCVtec]

The password that they indicated is the one I had years back.It's scary how vulnerable our digital life's are.

[pranxter]

This is not to scare anybody or create FUD, but I am just trying to figure out few things..
What I am worried about and indicated in my first post is not about gmail password being leaked. Those might be for third party services where gmail is used for logging in or for account signup.

The password it listed actually matches with the password I had set for Team BHP. So I have reasons to doubt if the credentials of the users in the forum might have been indeed leaked (may be in the past or it was harvested over a period of time).

Apparently, I got hold of the email dumps and it has only the first 2 character of the password. While going through this file I noticed couple of email IDs with 'teambhp' suffixed to them and one of them was admin+above keyword.

Now, If it's indeed the admin and the password was not changed I would be worried!

I used 'grep' incase you are wondering if I went through 5 million text lines