Gmail data breach hits 183 Million Accounts
183 million Gmail accounts have been exposed via infostealer malware logs
A vast stockpile of data involving 183 million compromised email addresses and passwords has been added to the breach-monitoring site Have I Been Pwned (HIBP) as one of the largest data exfiltration leaks to date.
The data was primarily collected through infostealer malware rather than a direct breach, including millions of Gmail accounts.
Meanwhile cybersecurity experts say that the extent of disclosure presents a serious risk of account takeovers.
Investigations are ongoing, and analysts are trying to review the security of accounts, reset passwords, and activate two-step verifications for users.
Data for approximately 183 million Gmail accounts were recently added to HIBP on October 21, 2025.
The collection was mainly referred to as the “Synthetic Stealer Log Threat Data,” was compiled by Synthient LLC and originated from infostealer malware logs, rather than from a breach of a single platform.
In this connection, HIBP founder Troy Hunt confirmed that the dataset can be easily searched by email, password, and domain.
It has been observed that among the exposed credentials, a considerable portion were stored in plaintext alongside the website they were used on.
While analysts have issued warnings, the inclusion of plaintext passwords significantly increases the risk of credential replay.
In order to recover accounts, cybersecurity experts recommend that Gmail users immediately change their passwords and avoid reusing them across multiple sites.
Google’s Security Check-up tool can mainly identify devices or connected applications that should be removed immediately.
Two-step verification should be enabled, using a hardware key or passkey rather than an SMS code, to prevent unauthorized access even if credentials are leaked.
The exposure of 183 million credentials has underscored how infostealer malware has become a leading source of data theft globally.
Nonetheless, Gmail’s own systems have not been affected, and analysts say that the incident underlines the risks linked to weak device protection.
Additionally, investigations are underway to scrutinize the scope of leak, and users of all devices are advised to use reputable anti-virus scans to get rid of infostealer malware.
-
Super Bowl weekend deals blow to 'Melania' documentary's box office -
Adrien Brody opens up about his football fandom amid '2026 Super Bowl' -
What did Olivia Colman tell her husband about her gender? -
Major Hollywood stars descend on 2026 Super Bowl's exclusive party -
Travis Kelce's true feelings about Taylor Swift's pal Ryan Reynolds revealed -
David Beckham pays tribute to estranged son Brooklyn amid ongoing family rift -
Brooklyn Beckham covers up more tattoos linked to his family amid rift -
Jennifer Hudson gets candid about Kelly Clarkson calling it day from her show