I just checked using a bunch of throwaway email accounts I had to sign up for various promotions. One of them was leaked - and one of them had a very old password associated with it.
I now use KeePass2 to manage all my passwords - so the old password has absolutely nothing to do with the new one. This makes me think that they simply tried to use some other hacked site, and checked to see whether the same pwd was recycled for gmail.
I now use KeePass2 to manage all my passwords - so the old password has absolutely nothing to do with the new one. This makes me think that they simply tried to use some other hacked site, and checked to see whether the same pwd was recycled for gmail.