If you have used your Gmail account to sign up to other websites, and that password you used on the other site is the same or similar to your email password, now is a good time to change your password.
A list of almost five million email address and passwords was posted in a Russian Bitcoin forum.
The list included English, Spanish and Russian-language users of Google's email service.
The email addresses and passwords are no longer listed online, but a portal has been created to allow users to check whether they have been affected.
According to technology news site Mashable, it appears the passwords were not obtained through a security breach at Google but through phishing - scams that trick users into handing their details over - or from sites where users need to create an account and log-in.
These passwords also appear to be old.
As it appears not to be the passwords used to access the email account that have been collected, it is of most concern if you use the same or a similar password when registering on other websites.
Share
