A large text file billed as a list of usernames and passwords for more than 4.9 million Google accounts is likely a collection of credentials from different sources, not from a breach of the company's systems, Google stated on Wednesday.
The file was leaked to the Bitcoin Security board on Tuesday by a user known as "tvskit" who claimed that more than 60 percent of the passwords were good, according to translated content on Russian news site RT. Yet, in its own analysis, Google found that only 2 percent of the credentials would have worked and an even smaller number been used successfully.
"Our automated anti-hijacking systems would have blocked many of those login attempts," the company's spam and abuse team said in the analysis. "We’ve protected the affected accounts and have required those users to reset their passwords."