Customers have reported incidents of large numbers of spam accounts even with the current recaptcha version enabled. An upgrade to the latest version would be the ideal solution to this. I see that there is in fact a PR open in system related to this. We can track the progress of that PR via this JIRA for the customer.
Note: reCAPTCHA v1 API will not work after March 31, 2018: https://developers.google.com/recaptcha/docs/faq