
Was your Gmail compromised in yesterday's attack? - xiunhao888
https://isleaked.com/results/en
======
adamfeldman
Why would you put your gmail address into a random website? Google, being
Google, has already taken care of this:
[http://googleonlinesecurity.blogspot.com/2014/09/cleaning-up...](http://googleonlinesecurity.blogspot.com/2014/09/cleaning-up-after-password-dumps.html)

You should also already have two-factor authentication set up, so you shouldn't
have anything to worry about:
[https://support.google.com/accounts/answer/180744?hl=en](https://support.google.com/accounts/answer/180744?hl=en)

~~~
malvosenior
Says my account was hacked, but then gives me the incorrect two letters for
the start of my password. Seems bunk.

Also, why wouldn't you give your email address to a random website? I have it
plastered all over the net. Spam is a solved problem at this point. Ironically
thanks to Gmail!

Agree on 2 factor auth though.

~~~
omh
_Says my account was hacked, but then gives me the incorrect two letters for
the start of my password_

Out of interest - are those two letters the start of a password from any other
site?

Presumably the leak came from a third party site so it would be your password
from there rather than your gmail password.

~~~
malvosenior
Nope, I have a throwaway I normally use but this isn't it. Not sure what this
is coming from, but I don't recall any passwords that start with these two
characters.

------
christiangenco
I usually never enter any personal information in sites like these, but this
clause won me over:

> If you don't like to specify your full email address for any reason, you can
> replace up to 3 characters with asterisk sign (e.g., for myaccount@gmail.com
> enter myac***nt@gmail.com), thus we'll show you a count of matches for
> this pattern. We respect your privacy.

------
nmjohn
This link was posted yesterday [0].

The passwords were not leaked from google, parts of it maybe were new, but
other parts are suspected to be copied from older leaks.

The actual dump can be found if you look for it - with full passwords.

We can get a pretty good idea where they come from too by searching for emails
with a + in the domain and looking at what comes after (I delete uninteresting
ones - like single letters or numbers):

    $ grep '+' goo.txt | cut -d+ -f2 | cut -d@ -f1 | sort | uniq -c | sort -h
          7 wholefoods
          9 albumhunt
          9 freebies
          9 itickets
          9 rsbuddy
         11 comicbookdb
         11 paygr
         12 junk
         12 texasmonthly
         14 usercash
         15 precyl
         17 freebie
         18 bravenet
         18 filesavr
         19 policeauctions
         31 freebiejeebies
         51 bryce
         52 savage2
         54 bioware
         57 spam
         62 savage
         63 friendster
         64 eharmony
         66 daz3d
         88 filedropper
        132 daz
        176 xtube

[0]: [https://news.ycombinator.com/item?id=8295102](https://news.ycombinator.com/item?id=8295102)
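
An added example (not part of nmjohn's comment or the original thread): a stricter version of the plus-tag tally above, which reads the tag only from the address's local part, so a `+` elsewhere on the line is not miscounted, and which applies the "single letters or numbers" filter automatically. The `email:password` line layout, the function names and every sample line are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in an assumed "email:password" layout (not real dump data).
SAMPLE = """\
alice+daz3d@gmail.com:REDACTED
bob+xtube@gmail.com:REDACTED
carol+Daz3D@gmail.com:REDACTED
dave@gmail.com:pass+word
erin+a@gmail.com:REDACTED
frank+2014@gmail.com:REDACTED
grace+bioware+old@gmail.com:REDACTED
not-an-address
heidi+bioware@googlemail.com:REDACTED
"""

# Local part and domain of the address at the start of the line.
ADDRESS = re.compile(r"^([^@\s:]+)@([^@\s:]+)")

def plus_tag(line):
    """Return the lower-cased plus tag of the leading address, or None."""
    m = ADDRESS.match(line.strip())
    if not m:
        return None
    parts = m.group(1).split("+")
    if len(parts) < 2:
        return None  # no '+' in the local part
    # Like `cut -d+ -f2`: the segment after the first '+'.
    return parts[1].lower() or None

def interesting(tag):
    """Drop single characters and pure numbers, as the comment does by hand."""
    return len(tag) > 1 and not tag.isdigit()

def tally_tags(lines):
    """Count interesting plus tags across an iterable of dump lines."""
    counts = Counter()
    for line in lines:
        tag = plus_tag(line)
        if tag and interesting(tag):
            counts[tag] += 1
    return counts

if __name__ == "__main__":
    ranked = sorted(tally_tags(SAMPLE.splitlines()).items(), key=lambda kv: kv[1])
    for tag, n in ranked:
        print(f"{n:7d} {tag}")
```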

------
aquil_abdullah
I would be VERY VERY suspicious about this. Who are the people behind
isleaked.com? I would read this post first:

[http://jameswatt.me/2014/09/10/isleaked-com-registered-2-day...](http://jameswatt.me/2014/09/10/isleaked-com-registered-2-days-before-gmail-leak-public/)

------
BillFranklin
There are a few websites like this with varying reliability (either haven't
been updated recently or have inferred the worst-case-scenario from hacks).
This is the first time I've seen this one. You could also check out these:

[https://haveibeenpwned.com/](https://haveibeenpwned.com/)
[https://breachalarm.com/](https://breachalarm.com/)
[https://pwnedlist.com/query](https://pwnedlist.com/query)

Though I doubt they will include the most recent hack.

------
mparramon
Mine was, but the password there is more than 4 years old, I have changed it
several times since then. Makes me think that this leak is just a collection
of old leaks put together.

~~~
celticninja
this is exactly what has happened, someone pulled together a load of data from
hacks and leaks and made one file. the data in general appears to be years out
of date, of course some people may still have the same password and may have
reused credentials for other sites.

------
adricnet
Could we get a more accurate headline please? At least s/attack/dump/ ? There
was no attack reported.

The Google blog post noted in a comment has much better information, it seems:
[http://googleonlinesecurity.blogspot.com/2014/09/cleaning-up...](http://googleonlinesecurity.blogspot.com/2014/09/cleaning-up-after-password-dumps.html)

I don't see an article or site title at the URL so hopefully suggestions are
useful here.

------
kolev
I think a lot more emails leaked due to people putting their full email to
check than during the leak, although the service says people can use a search
pattern, but who'd bother, right? People, it's inconvenient, I know, I know,
but, please, start using 2FA! At last! I thought a lot of people who are not
technical, Authy is a better tool, so, please, spread the awareness, and let's
put this nonsense to an end!

------
adlpz
The obvious question: is this site to be trusted?

~~~
rtkwe
Not sure. It said my email was in the leak but the "First two symbols of
password is: __" is from one of my old passwords I don't use any more, don't
know when I changed it away from that old password.

If you're more concerned about spam it's your gmail address which is probably
already getting loads of spam you don't notice because gmail's filters are
excellent.

------
maerF0x0
@xiunhao888 , you should put a warning in the title so people read the
comments first. The james watt blog post is important information
[http://jameswatt.me/2014/09/10/isleaked-com-registered-2-day...](http://jameswatt.me/2014/09/10/isleaked-com-registered-2-days-before-gmail-leak-public/) .

------
fphhotchips
I took a look and then compared against my current LastPass account (in case
it was from another site's leak), and nothing. I've never had a password for
gmail that started with these two characters, either.

------
myrandomcomment
I am confused. Is this Reddit because this is a "repost"?

[https://news.ycombinator.com/item?id=8295102](https://news.ycombinator.com/item?id=8295102)

------
woodylondon
FYI > I checked all my accounts and one was leaked. HOWEVER, it was the
password I used when I first set up the account in 2004, and has been changed
many times since.

------
knd775
This doesn't seem to work with Google Apps emails. Were they not at all a part
of the leak?

------
nkozyra
I'm always slightly offended when my email address isn't in these things.

------
kolev
It's funny that HN itself does not use 2FA via YCombinator's Authy, let's say.
So pathetic!

