A hacker has managed to use a large network of computers to steal credentials to accounts for various websites, FTP accounts, email accounts, remote desktop accounts and secure shell accounts. These together amount to approximately 2 million passwords that have been stolen. This includes passwords for:
- Gmail (or any other Google service such YouTube or Google+)
I would highly recommend changing your passwords for the above websites immediately. Some of you might have web hosting accounts at sites such as HostGator, GoDaddy or Domain.com. If you do, then it would be a good idea to change your passwords for your cpanel login on those sites as well right now.
Not only should you change your passwords, but make them at least 15 characters long. They should consist of uppercase and lowercase letters, 2 digits, and at least 1 special character. I would suggest using a password storage system such as Lastpass. A lot of you might ask me “Why would I want to care about this?” Well, let’s say you have important emails with sensitive information stored in them, or a site where you have holiday photos stored(e.g. Flickr). If the hacker-in-question has managed to get hold of your password for your Gmail or Yahoo Mail account, then they can compromise any accounts that you might have for services such as DropBox, Tumblr, WordPress or many other services. This is because you might have used your email account to sign up these services including Facebook. Remember: if the hacker gets hold of your account, he effectively has the keys to the kingdom. I know this might sound scary, but this is the truth.