A massive collection of stolen login credentials involving 183 million email accounts has been added to the Have I Been Pwned (HIBP) database. However, Google confirms this was not a Gmail-specific data breach.
The credentials were gathered over the past year through malware known as infostealers. These malicious tools capture passwords directly from infected devices or browser password storage, rather than exploiting any vulnerability in email platforms themselves.
A Forbes investigation reports that the leaked dataset includes email addresses, plaintext passwords, and associated service URLs from platforms such as Gmail, Apple, Facebook, and Instagram.
This Was Not a Gmail Hack
HIBP founder Troy Hunt verified that the dataset includes login details associated with Gmail accounts. However, he clarified that this does not mean Gmail was compromised.
“Someone logging into Gmail ends up with their email address and password captured against gmail.com,” Hunt explained. “But this reflects malware-based theft, not a breach of Gmail’s systems.”
Google has reiterated that its infrastructure remains secure and that the stolen credentials originated from infected devices and password reuse.
What the Dataset Contains
The database consists of:
• 23 billion rows of stolen login information
• Both older passwords and newly compromised credentials
• Approximately 8 percent (16.4 million) not seen in previous leaks
Security researchers from Synthient Labs describe the incident as another sign of the growing cybercriminal marketplace for active, usable credentials. These are often exploited for financial fraud, phishing campaigns, and identity theft.
Steps Users Should Take
While Gmail was not breached, users whose credentials appear in the HIBP database may still face account takeover risks. Security professionals recommend:
• Change your Google account password
• Enable 2-Step Verification using an authenticator app or hardware key
• Avoid reusing passwords across different services
• Review account activity through Google’s Security Checkup dashboard
Attackers often use leaked passwords to break into other platforms through credential stuffing, where the same login details are tried against many different services and accounts.
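For defenders running a login service, credential stuffing shows up as one source trying many different accounts with a high failure rate. The following is an added example, not part of the original article: a small detector run over a constructed log, where the log format, thresholds and field names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample login log (format and values are made up for this example).
SAMPLE_LOG = """\
2025-10-27T10:00:01Z login user=alice@example.com ip=203.0.113.7 result=fail
2025-10-27T10:00:02Z login user=bob@example.com ip=203.0.113.7 result=fail
2025-10-27T10:00:03Z login user=carol@example.com ip=203.0.113.7 result=fail
2025-10-27T10:00:04Z login user=dave@example.com ip=203.0.113.7 result=fail
2025-10-27T10:00:05Z login user=erin@example.com ip=203.0.113.7 result=fail
2025-10-27T10:00:06Z login user=frank@example.com ip=203.0.113.7 result=ok
2025-10-27T10:05:00Z login user=alice@example.com ip=198.51.100.20 result=fail
2025-10-27T10:05:09Z login user=alice@example.com ip=198.51.100.20 result=fail
2025-10-27T10:05:20Z login user=alice@example.com ip=198.51.100.20 result=ok
"""

LINE_RE = re.compile(r"^\S+ login user=(\S+) ip=(\S+) result=(ok|fail)$")


def detect_stuffing(log_text, min_users=5, min_fail_ratio=0.8):
    """Flag source IPs that try many distinct accounts and mostly fail."""
    users = defaultdict(set)      # ip -> accounts attempted
    hits = defaultdict(set)       # ip -> accounts with a successful login
    total = defaultdict(int)      # ip -> attempts
    fails = defaultdict(int)      # ip -> failed attempts
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # skip lines that are not login events
        user, ip, result = m.groups()
        users[ip].add(user)
        total[ip] += 1
        if result == "fail":
            fails[ip] += 1
        else:
            hits[ip].add(user)
    findings = {}
    for ip, seen in users.items():
        ratio = fails[ip] / total[ip]
        if len(seen) >= min_users and ratio >= min_fail_ratio:
            findings[ip] = {
                "distinct_users": len(seen),
                "fail_ratio": round(ratio, 2),
                # A success from a flagged source means a reused password worked.
                "reset_required": sorted(hits[ip]),
            }
    return findings


if __name__ == "__main__":
    for ip, info in detect_stuffing(SAMPLE_LOG).items():
        print(ip, info)
```

The user who mistypes a password twice from one address is not flagged, while the source cycling through six accounts is, and the one account it got into is listed for a forced reset. A per-IP threshold is only one signal and needs tuning for shared addresses such as corporate NAT.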
Google’s Existing Protections
Google notes that users are automatically alerted if compromised credentials are detected through the Account Safety Checkup tool. The company continues to encourage strong authentication practices, including the adoption of passkeys and unique passwords.
Growing Threat of Malware-Based Credential Theft
Incidents involving information-stealing malware have surged significantly in 2025, driven by phishing scams and malicious browser extensions. Experts warn that heavy reliance on traditional passwords remains a security weakness.
Until passwordless authentication becomes more widespread, users should remain proactive about password hygiene and be cautious when downloading applications or browser add-ons.