Cyberattack on 183 million accounts — Gmail confirms data breach

Troy Hunt, owner of the Have I Been Pwned? (HIBP) leak monitoring resource, has confirmed the leak of current Gmail user credentials.

The new data set, which arrived at HIBP on October 21, consists of 3.5 terabytes of information collected over nearly a year. Although much of the data is duplicates from previous leaks, analysis showed that more than 16.4 million email addresses had not previously appeared in any known compromised data sets.

How the leak was confirmed

• According to Troy Hunt, information in infostealer logs often contains three elements: a website address, an email address, and a password. Records containing the gmail.com domain were particularly alarming.

• One of the users whose data was leaked confirmed that the password found was active for his Gmail account, indicating the relevance of some of the stolen data.

• This incident once again highlights the risks of using the same password for multiple services, as data stolen from one site can be used to access critical services.

Recommendations from Google 

Google has responded to the situation, confirming that this report covers a wide range of infostealer activity targeting various web activities. To protect users, Google recommends taking the following steps immediately:

• Two-step verification (2FA) — a barrier that prevents attackers from logging in, even if they know your password.

• Switch to Passkeys: Google promotes this technology as a simpler and significantly more secure alternative to traditional passwords.

• Password Check: Users should check their passwords using tools such as Google Password Checkup (in Chrome) or other password managers that monitor known leaks.

Users are also advised to immediately change any compromised or reused passwords. Google also has its own password reset process when it detects large dumps of compromised credentials.

Read more: Discord reported a data leak: up to 70,000 users may have been affected