djbagaha@gmail.com / Depositphotos.com
A massive breach has compromised 183 million Gmail accounts, exposing passwords and logins in what security analysts say is one of the largest credential dumps ever uncovered. The data affecting Gmail and many other services surfaced online this month as part of a 3.5 terabyte cache containing billions of stolen records.
Cybersecurity researchers say the breach stems from infostealer malware, which secretly harvests usernames and passwords from infected devices. Criminal networks compiled the stolen information into lists that later appeared on underground forums and were collected by security analysts. Tens of millions of affected credentials were verified after users confirmed the passwords still matched active accounts. The number includes about 16.4 million Gmail credentials that have never appeared in previous leaks.
Although Gmail account passwords are part of this dataset, experts stress the breach did not involve a direct attack on Google. Instead, hackers targeted individuals who reused passwords across multiple services and allowed malicious software to access saved logins through web browsers. The incident exposes a risk that attackers could access far more than email if passwords are shared with banking, cloud storage or social media platforms.
Anyone concerned about whether they have been affected can check the status of their logins at HaveIBeenPwned.com by entering an email address. Google also offers a password checkup tool through its account security dashboard to identify weak or compromised passwords linked to Chrome.
Security professionals urge Gmail users to act immediately if they find their credentials in the leak. They recommend changing email passwords to strong and unique alternatives, enabling two factor authentication to block unauthorized access, and reviewing account activity for suspicious logins. Experts also advise against relying on browsers to store passwords and suggest using an encrypted password manager instead. They note that antivirus software and safe browsing habits are key to preventing infostealer malware from gaining access in the first place.
Cybersecurity analysts say the size of the leak is a reminder that stolen data can continue to resurface for years. They warn that complacency and password reuse remain the biggest threats to online safety.
Comments