Google: No Breach In Latest Online Dump Of Credentials

The online leak of some 5 million username and password combinations consisted of mostly stale or older credentials that dont actually work, Google says.

Speculation was high yesterday in the wake of
a Russian news outlets report
that some 5 million Google usernames and passwords had been doxed or dumped online for all to see.
Google set the record straight late yesterday that no breach of Google systems had occurred and most of the dumped credentials were stale: less than 2% of the credentials actually work. The search engine giant says its automated anti-hijacking systems would have blocked any attempts to use any working stolen credentials.
One of the unfortunate realities of the Internet today is a phenomenon known in security circles as credential dumps -- the posting of lists of usernames and passwords on the web. We’re always monitoring for these dumps so we can respond quickly to protect our users, Google said
in a blog post
.
Google reiterated what most security experts already had inferred: that the stolen usernames and passwords were not the result of a Google breach, but instead due to everything from credential reuse on the web to possible malware and phishing attacks.
For instance, if you reuse the same username and password across websites, and one of those websites gets hacked, your credentials could be used to log into the others. Or attackers can use malware or phishing schemes to capture login credentials, Google said.
Google recommends users adopt its two-factor authentication option, as well as create a strong and unique password.
Said David Hobbs, director of security solutions at Radware, businesses and consumers should now expect their personal information to be leaked at some point. Users need to keep in mind that the best defense is a good offense -- minimize your vulnerability by thinking twice about what data is placed in the cloud, Hobbs says. Also, the standard best practices hold true: stop using the same passwords across multiple online services, and create a rotation plan for regularly changing passwords.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Google: No Breach In Latest Online Dump Of Credentials