Millions of Gmail addresses and passwords were leaked Tuesday, but Google encouraged users not to worry.
Five million Gmail accounts were exposed on a Russian Bitcoin security forum, although Google claims in a blog post that only two percent of the address/password combos were current.
The post reads:
We found that less than 2% of the username and password combinations might have worked, and our automated anti-hijacking systems would have blocked many of those login attempts. We’ve protected the affected accounts and have required those users to reset their passwords.
It’s important to note that in this case and in others, the leaked usernames and passwords were not the result of a breach of Google systems. Often, these credentials are obtained through a combination of other sources.