There it was on the screen staring back at me. The cursor blinked incessantly as I tried to wrap my head around the news. 5 million Gmail accounts had been compromised. I mopped the sweat from my brow with the back of my sleeve as I tried to regain composure. I reached across the desk for the bottle of headache remedy and flicked the cap off. It never seemed to be fastened.
Knocking back two capsules I chased it with lukewarm coffee. It was a harrowing moment. To think off all those poor souls that had their email addresses and passwords laid bare for the world to see. But, who could have caused such a breach?
Well, about that. It seems that this was merely a collection of old usernames and passwords that has been culled together in the hopes of grabbing headlines.
Several internet security experts who examined the leaked list, which was posted as a text file to the Russian online forum Bitcoin Security, reported on Twitter that the passwords appear to be several years old.
Danish cybercrime specialist Peter Kruse of the CSIS Security Group tweeted that the leak "likely originates from various sources" and that most of the leaked passwords are more than three years old.
These accounts first showed up on the Russian Bitcoin Security forums and were shared on Reddit...and soon after deleted.
I find this sort of thing rather aggravating. A “leak” of old accounts hits the Internet and the media swallows its own tongue in a fit of apoplexy. This is a common practice of late. A perfect example is that of a database dump for McDonald’s in Malaysia. A few weeks ago a “hacker” group published the information claiming that they had had the company web server. Problem with that is that the EXACT information was posted by another group in 2012.
Thankfully, the press didn’t fall for it that time. If you have a Gmail account and you’re even a little bit curious. Change your password. Then, for good measure, enable two factor authentication on your account.
(Image used under CC from n.bhupinder)