Hmm, I think that's somewhat misleading after reading the article. What they have are email addresses and passwords from sites *other* than the big ones like gmail, yahoo, etc. Those sites weren't directly compromised, but it's more of a "if you use the same email and password" thing that would make one compromised. On Thu, May 5, 2016 at 9:41 AM, Finkenbinder, Kevin < [log in to unmask]> wrote: > While this does not directly affect most of our systems, you might want to > share with end users: > > Synopsis: A Russian hacker has collected about 272 MILLION credentials > from gmail, yahoo, office365/Hotmail/outlook.com, mail.ru and other > associated sites (this includes Microsoft sites such as MSDN that often > share credentials with the Hotmail/outlook.com/office365. If password is > older than about 24 hours, assume it is compromised. Remediation > recommended: Set up new passwords, 2 step authentication and app specific > passwords as appropriate. > > > > > https://www.theguardian.com/technology/2016/may/04/gmail-yahoo-email-password-hack-hold-security > > > > -- > > *Kevin Finkenbinder* > > Web Applications Developer > > Michigan State University Libraries > 366 W. Circle Drive W441 Cube 18, Mailstop 13 > East Lansing, MI 48824 > > *[log in to unmask] <[log in to unmask]>* > > *517-884-7352 <517-884-7352>* > > >