Hmm, I think that's somewhat misleading after reading the article. What they have are email addresses and passwords from sites *other* than the big ones like gmail, yahoo, etc. Those sites weren't directly compromised, but it's more of a "if you use the same email and password" thing that would make one compromised.

On Thu, May 5, 2016 at 9:41 AM, Finkenbinder, Kevin <[log in to unmask]> wrote:

While this does not directly affect most of our systems, you might want to share with end users:

Synopsis: A Russian hacker has collected about 272 MILLION credentials from gmail, yahoo, office365/Hotmail/outlook.com, mail.ru and other associated sites (this includes Microsoft sites such as MSDN that often share credentials with the Hotmail/outlook.com/office365. If password is older than about 24 hours, assume it is compromised. Remediation recommended: Set up new passwords, 2 step authentication and app specific passwords as appropriate.

https://www.theguardian.com/technology/2016/may/04/gmail-yahoo-email-password-hack-hold-security

--

Kevin Finkenbinder

Web Applications Developer

Michigan State University Libraries
366 W. Circle Drive W441 Cube 18, Mailstop 13
East Lansing, MI 48824

[log in to unmask]

517-884-7352