A database containing nearly 5 million Gmail user accounts and passwords was leaked on Bitcoin Security, a popular Russian website devoted to the cryptocurrency – Bitcoin Security.
It appears, however, that much of the data is old or most of the passwords don't actually match with the Gmail accounts on the list. Mashable suggested that data was likely gathered via various data breaches and includes emails and passwords for websites or third-party services rather than Gmail itself.
In a blog post, Google said that it "found that less than 2 percent of the username and password combinations might have worked, and our automated anti-hijacking systems would have blocked many of those login attempts. We've protected the affected accounts and have required those users to reset their passwords."
The hackers did not obtain the usernames and passwords via a breach of Google systems, the company said.
If you want to check if your email address is on the list, you can download and search through the file still loaded in the Russian forum: https://forum.btcsec.com/uploads/manual_09_2014/google_5000000.7z
The data in the file does not include password, but just email addressed for you to check if you are affected.
You can also check if your Gmail account was hacked through KnowEm, who has made the hacked list of emails publicly searchable. You need to enter your address and get instant not if you're on the list of possible compromised accounts.
Some experts, however, say that placing inquiry may notify the potential hackers that this email address is active. Not sure, how true that is, but I checked my non-essential Gmail addresses, and got notification that I am clean.