Find out if your Gmail password was stolen

Martin Brinkmann
Sep 10, 2014
Updated • Sep 11, 2014
Email, Gmail

Update: From what has been gathered so far, it appears as if this is not a new hack, and that the list may have been created from different sources. Google has posted an official response. According to the company, the data dump was not the result of a security breach.

Today's big news is the release of a database with more than 5 million Gmail email account user information. The database appears to include usernames, passwords and email addresses of users and while it has not been confirmed as legitimate yet by third parties it has been made available publicly on the Internet.

It is for instance possible to download all leaked email addresses from the file hosting service Mega. While you will only find email addresses listed in the 100 Megabyte text document, it is enough to verify if your own Gmail email address is affected by the leak.

Downloading the email address and searching for your own email is probably the best option that you have to find out if you are affected. If you don't want to download the packed 36 Megabyte file to find out, you can also use third-party services such as Is Leaked on the Internet.

Update: removed the direct link to the site. Use the Mega download instead to verify if your email is on that list.

Here you need to enter your Google email address first to check it against the service's database. The service will notify you if the email that you have entered has been leaked or not. To confirm that the situation is dire, it will display the first two characters of the password as well which account owners can use to verify the claim.

gmail account hacked

Change your password

If your email is on the list, change your Gmail password immediately. This is the most important step and should come before any other steps that you can undertake.

  1. Open the security page on the Google website.
  2. Click on change password.
  3. Enter your current password and the new password twice.

This blocks anyone from accessing your account with the old password. You may also want to sign out of all existing Gmail sessions. You find information on how to do that below.

Verify your account was not accessed

gmail login history

You may want to know whether your account has been accessed if your email address and user information are on that list. The best way to do so is to visit the official Gmail website, sign in to your account if you have not done so already, and click on the "details" link at the very bottom of the main screen.

This lists all recent activities sorted by data and time. For each activity, the access type, e.g. web browser or mobile, location and IP address are recorded which may provide you with additional hints.

Here you can also click on "sign out all other sessions" to block any other session that may be accessing your data at that time.

You may also want to check your Google account activity as well. Since it is possible to use a Gmail account to access other Google services, you may want to make sure that this did not happen as well.

Visit this page on the Google website to verify that all activities are legit.

Protect your account with two-factor authentication

You can improve the overall security of your account by enabling two-factor authentication. While you do need to add a mobile phone number to your account for that to work, it improves the security significantly by adding another layer of protection to the sign in process.

Attackers cannot use email address and password alone anymore as they do need access to the mobile phone number as well to check the code that is generated during the sign in process.

Here are a couple of links to get you started:

  1. How to enable Google two-step verification
  2. Use Google 2-Step authentication without mobile phone
  3. Google account features you need to know about
Find out if your Gmail password was stolen
Article Name
Find out if your Gmail password was stolen
About 5 million Gmail email addresses and passwords were uploaded to the Internet today. Find out if your account is among the leaks and what to do about it.

Tutorials & Tips

Previous Post: «
Next Post: «


  1. Rick said on September 12, 2014 at 3:29 pm

    I took the MEGA archive file and sorted list of emails (and removed duplicates). The archive to download and final text file are a little bit smaller than the original MEGA and is available off of

    Have at it if you so desire. RICK

  2. John said on September 12, 2014 at 9:28 am

    A good practice is to use a password manager to manage your passwords securely. I use “Intuitive Password” online password manager, it manages all my passwords in one place securely. Also, it provides a way to login to any site with a single mouse click!

  3. Dwight Stegall said on September 11, 2014 at 5:01 am

    Loading a 100 mb text file will crash most home computers.

    1. rickbee said on September 11, 2014 at 7:15 am

      The file on mega is only 36.3mb not 100mb.

      1. rickbee said on September 11, 2014 at 5:05 pm

        Sorry my mistake.

      2. Martin Brinkmann said on September 11, 2014 at 7:41 am

        It is 100 MB after you extract it.

  4. Streko said on September 11, 2014 at 12:48 am

    Hey, do NOT use the site listed above. There are rumors flying that it was registered to harvest emails.

    Please check

    For a site with a privacy policy and a substantial background in the social media world

  5. Decent60 said on September 11, 2014 at 12:23 am

    Just for those who are interested, this list was posted with complete email and password on a Russian site, for sale in BitCoins. People have confirmed that this is a much older listing (none of mine are on there so over 6 years old; one person stated it was from 2005 time-line) of email/passwords.
    This made news on many tech sites, sadly, not too popular ones, just a few days ago when it was published on the Russian forum. Trying to trace the origins right now but so far, not much is coming up on to the proper forum, but it was confirmed by Bitcoin Security.

  6. anon said on September 10, 2014 at 10:28 pm

    None of my several gmail accounts is there. Phew…

  7. mx said on September 10, 2014 at 10:14 pm

    plus,if someone had access to your email then just changing passwords isn’t enough you should always review all the settings recovery options,forwarding, pop imap etc.

  8. David Naylor said on September 10, 2014 at 9:40 pm

    Same here. My e-mail was in the list, and the two first characters were from one of my old passwords.

  9. acr said on September 10, 2014 at 9:24 pm

    I wonder on gmail about the dot problem. For instance if the email address was joe.smith @ gmail couldn’t a hacker sign in by placing a dot after any letter in the address? I thought gmail was special in that regard. If so, do you have to check your gmail address with all the variations of a dot after every letter and at least one with no dot at all?

  10. mx said on September 10, 2014 at 9:05 pm

    you can always go here

  11. acr said on September 10, 2014 at 8:53 pm

    I tried to open the list with some Word programs and they all choked. But Notepad++ worked great.

  12. Bobby Phoenix said on September 10, 2014 at 6:20 pm

    UGH! And how do you check on Mega’s site? The link you gave just goes to the main site. Is there a special place to check?

    1. rickbee said on September 10, 2014 at 8:51 pm

      Mega is a file sharing site. The link takes you to where the text file is, so you can download it ( download button in the centre of the page) and then you can check using a text editor such as ‘notepad’ on your computer.

      1. Bobby Phoenix said on September 10, 2014 at 9:54 pm

        Thank you!

  13. Bobby Phoenix said on September 10, 2014 at 6:18 pm

    Is this only a leak from Mega? I’ve never signed up for it, so I don’t want to go doing all kinds of searching if it was only from Mega. Where was the info stolen from? You don’t list sites affected.

    1. vux777 said on September 10, 2014 at 6:47 pm

      this got nothing to do with Mega.
      Someone just posted that file for sharing on Mega service

  14. Shoikan said on September 10, 2014 at 5:34 pm

    Mine is in the list, but the password is ages old, 5+ years. Not worried at all. 2 step verification working btw.

    1. Bobby Phoenix said on September 10, 2014 at 6:15 pm

      ^ This. 2 step active. No need to worry. I get a text anytime a new login is attempted.

  15. Jorge said on September 10, 2014 at 5:19 pm

    My email is not on the list, but one strange thing happened this week. My gmail account sent a spam email to itself. The email shows up in the inbox and also in the “sent” folder. However, by looking at the “activity on the account” I see nothing unusual. How can this have happened?

  16. Jeff said on September 10, 2014 at 5:19 pm

    thanks for the heads up, Martin. My email was in the list!

  17. beachbouy said on September 10, 2014 at 5:09 pm

    No such breach has been announced in any credible news channels. There is something fishy about this. I checked my Gmail address and was told “Yes!” my account was found.

    The site also FALSELY indicated, “First two symbols of password is: it. Immediately change your password!

    The first two letters of my Gmail account has NEVER started with the letters “it.” Can you point me to a recent news article about this recent theft of Google account information?

    This is bullshit. It’s a FAKE site that is collecting email addresses to be added to a frickin’ SPAM list.

    Ghacks’ credibility just dropped several notches on my scale. This should have been checked out more thoroughly before you send your readers off to some phishing site to get screwed by hackers.

    1. Womble said on September 10, 2014 at 7:27 pm

      Have you quite finished raging?

      I can’t verify the motives of the site linked to by Ghacks, but in my experience the leak claims are genuine, if only for older accounts/passwords.

    2. Martin Brinkmann said on September 10, 2014 at 5:57 pm

      I have published a link to the Mega download which you can use as well to check whether your mail is listed or not. Anyway, I have removed the direct link pointing to the site.

      1. SP333 said on September 10, 2014 at 11:09 pm

        My email acount is in the mega file i downloaded, but i can see what pass they have?
        Where is the file with the pass!! I want to know witch pass they have!!

  18. dag said on September 10, 2014 at 4:54 pm

    Don’t check your e-mails on that site.
    You might get spam or worse.

  19. Womble said on September 10, 2014 at 4:14 pm

    My Wife’s account was one of those hacked but she seems to think the password is old(we use lastpass though so not really sure). Definitely not fake though.

    Thanks for the useful info Martin.

  20. vux777 said on September 10, 2014 at 3:48 pm

    I think this is somehow fake…
    my email is found but
    first two letters of my password are wrong

    1. John Dough said on September 24, 2018 at 6:07 am

      You can search through over 2.5 billion accounts at leaked passwords database. Free search with API available and other password security services!

    2. Anonymous said on September 11, 2014 at 4:23 am

      This is true, but the information contained is old (2-3 years, i think).

    3. anohana said on September 10, 2014 at 4:20 pm

      Where is the database?

    4. Martin Brinkmann said on September 10, 2014 at 3:56 pm

      Maybe it is an older list? Did you ever use a password starting with those two letters?

      1. Jeff said on September 10, 2014 at 5:20 pm

        A buddy of mine said the same exact thing, that the first two letters of the pw were wrong, but that he DID use that pw in the past, so it’s likely they got access to an old list.

      2. vux777 said on September 10, 2014 at 4:03 pm

        maybe…I’m not sure…I had something with those letters, but not sure that was starting with it…
        but I changed that password more than 6 months ago…maybe a year
        So, someone had old list of email-passwords and gave it now… everything is foggy about this..

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.