Yesterday news came that millions of Google passwords leaked online to a Russian Bitcoin forum. The news went viral and the number of passwords tracked were as high as 5 millions. Google although states that they had no evidence of any server attack. But a typical peculiarity was seen in the passwords. The passwords either belonged to some old accounts which are not used or passwords that are being used in services in correspondence with Gmail account. This means there are various websites or apps that let us login using our Facebook or Gmail accounts. Hackers could fetch information like that and not original Gmail passwords.
According to Reddit reporters, they checked and found that some username password combinations were matching with some of their services where they used Goggle username for logging in but those were not their actual passwords. About less than 2% of combinations matched and this indicates that some other service was hacked which allows login through Google. There is a possibility that the correctly matched passwords are of those people who use same passwords everywhere.
Google has strictly warned all of their 5 million users to change their passwords. Recently Microsoft published an article stating what mistakes users make while giving passwords and it stated that one major mishap many users make is to keep same passwords for every account. This instinct has been fruitful for the Russian hackers. However, change your passwords as early as possible.