Google report: 1.5% of users still use the leaked credentials to log in to the website