Almost 5 million Gmail accounts and passwords have been posted as text file on a Russian Bitcoin forum. Account details for users of Mail.ru and Yandex have also leaked to various websites. Google have released a statement which claims that these passwords were not obtained via a hack, but the data was instead collected from phishing websites over several years. This leak mainly affects English, Spanish and Russian language users.
If you’re worried that your account could be part of this leak, I have some suggested actions for you to take:
Check your email address in the database: The CM Security Research Lab has created a quick tool to determine whether or not your password is in the leaked list.