At least five million Gmail addresses and passwords appear on a Russian Bitcoin forum site. Google says they have no evidence of a server breach, and the list appears to be a collection of passwords exposed in previous hacks and are likely on users’ own computers, not Google’s systems. Google spokeswoman Caroline Matthews:
We have no evidence that our systems have been compromised.
The company also says that the authenticity of the list has not been proven. Google is warning affected users to take steps to further protect their Gmail accounts, like creating a stronger password and using an extra security feature called “two-step authentication.”