A lot of people are changing their Gmail Passwords since the news on 5 million Gmail passwords leaked widely spread all over the internet today. According to the new, the user “Tvskit” posted the zip file with the following screenshots in Russion Bitcoin forum.

Some sources said that the passwords in that file are 60% accurate but old passwords. I followed a few links to get the zip files from different source (including the original btcsec website) and extracted them on a VM. Here is the list of links that I downloaded the files. (Note: I intentionally didn’t link them from my blog. )

Here is the size of those Gmail passwords files that I downloaded. 

If you are planning to download those files from those websites that I posted in screenshot and the size are the same, don’t bother downloading it. Because those files don’t contain any password and it’s just the list of user names. (4929083 accounts in totals)

A user “cDull” from reddits also shared what they think about what happened as below in this post “5 Millions of “Gmail” passwords leaked [RUS], most likely it’s a compilation of passwords from other sites”

That is pretty smart of you, and there are many others that had same idea. Just do a grep for ‘+’ in the gmail account dump and you see a lot of eharmony, filedrop, friendster, bravenet, bioware, savage, xtube, and others if you do the command below. There might be more than 20 different website references in there. This is definitely a compilation and a bunch of bullshit FUD.

grep '+' google_5000000.txt | cut -d+ -f2 | cut -d@ -f1 | sort | uniq -c | sort -h | tail -n 21
18 bravenet
18 filesavr
19 policeauctions
25 4
27 eh
28 3
32 freebiejeebies
40 hon
51 bryce
52 savage2
54 bioware
57 spam
60 2
62 savage
63 friendster
64 eharmony
66 daz3d
88 filedropper
125 1
132 daz
176 xtube

If you managed to get the file then don’t forget to use a VM before extracting the file. Of course, you have the file with passwords then let me know..