WASHINGTON (dpa-AFX) - In what cybersecurity experts are referring to as one of the biggest credential dumps ever found, a massive data leak has revealed over 183 million email passwords, including tens of millions linked to Gmail accounts.
According to researcher Troy Hunt of Have I Been Pwned, the 3.5-terabyte trove was discovered online this month and contains 23 billion login records gathered from infostealer malware, which surreptitiously gathers usernames and passwords from compromised devices. Of the accounts, about 16.4 million had never been compromised before.
Although there was no direct hack of Gmail, malware, phishing scams, and phony software downloads were used to obtain the credentials, many of which are still active. Experts cautioned that credential stuffing attacks could compromise numerous accounts if victims reuse their passwords.
Google emphasized that claims of a breach unique to Gmail are untrue and acknowledged that the company is aware of the leak.
Copyright(c) 2025 RTTNews.com. All Rights Reserved
Copyright RTT News/dpa-AFX
© 2025 AFX News