Researchers and prosecutors stumbled upon the hacked accounts while conducting research on a botnet, a network of computers infected with malware.
Germany's Federal Office for Information Security (BSI) has created a #link:https://www.sicherheitstest.bsi.de:website# to help people find out whether or not their e-mail was among those hacked. The site temporarily crashed on Tuesday due to heavy traffic. Users who submit their email address to the website will be sent an message if their account has been compromised.
"If that happens, then your computer is most likely infected with malware," Tim Griese, with the Federal Office for Information Security, told the news agency DPA.
Authorities have not released information on who stole the e-mail accounts.
Calls for increased security
In an interview published in the Wednesday edition of the Tagesspiegel newspaper, the Social Democrats party's parliamentary expert on digital affairs called for more investment in security research.
"This case shows how the the issue of online identity theft has developed, and that we probably have a lot to do in the future," said Lars Klingbeil. "That will cost money, but we should invest."
On Wednesday, the Mittledeutsche Zeitung reported that despite the massive hack being disclosed publicly this week, the BSI was aware of it in December.
slk,dr/lw (dpa, Reuters)