Google has confirmed that a large number of passwords to its email accounts have been stolen in an "industry-wide phishing scheme" which affects Hotmail, Gmail, Yahoo Mail, AOL and a number of other service providers.

Following the news that 10,000 Hotmail passwords had been posted on the Web, a second list surfaced - this time containing 20,000 account details from a string of different account providers. Some of the accounts are old, unused and fake, but many are genuine according to the BBC.

Google said: "We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts. "As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them".

The company added that the password issue wasn't a breach of its security, it was instead a scam where users have been tricked into giving up their passwords on what they thought were legitimate sites. These types of attacks are known as "phishing".

Security experts have recommended that if users suspect they might be affected then they should immediately change their passwords, as well as on any other sites that share the same password.