12 hours ago
Last Updated:October 28, 2025, 16:08 IST
Google denied reports of a Gmail security breach affecting 183 million users, clarifying no new attack occurred. Troy Hunt linked leaked data to infostealer malware.
Google dismissed reports of a massive Gmail data leak, calling them false and blaming a misunderstanding of old stolen data compilations. (IMAGE: REUTERS)
Millions of Gmail users who panicked after reports claimed that over 183 million Gmail passwords had been leaked online in a massive data breach breathed a sigh of relief after Google denied the claims.
In a post on social media, Google clarified that there had been no new Gmail security breach.
“Reports of a ‘Gmail security breach impacting millions of users’ are false. Gmail’s defenses are strong, and users remain protected," the company said in its statement.
“The inaccurate reports stem from a misunderstanding of infostealer databases, which routinely compile various credential theft activity occurring across the web. It’s not reflective of a new attack targeting any one person, tool, or platform," it added.
Gmail takes action when we spot large batches of open credentials, helping users reset passwords and resecure accounts.— News from Google (@NewsFromGoogle) October 27, 2025
Google also advised users to protect themselves from credential theft by enabling two-step verification, adopting passkeys as a safer alternative to passwords, and resetting passwords when they appear in large credential batches.
Reports of a “Gmail security breach impacting millions of users" are false. Gmail’s defenses are strong, and users remain protected. 🧵👇— News from Google (@NewsFromGoogle) October 27, 2025
The false alarm began after several major media outlets reported an alleged “Gmail breach," claiming that millions of users’ credentials had been exposed — leading many to fear their accounts had been hacked.
The alleged trove, said to contain 3.5 terabytes of data, reportedly surfaced online earlier this month, according to Troy Hunt, the Australian security researcher who runs the breach-notification site Have I Been Pwned.
Hunt had stated that the information appeared to originate from a yearlong sweep of “infostealer" platforms — malware networks that secretly siphoned usernames, passwords, and website addresses from infected devices.
The data was described as a mix of “stealer logs and credential stuffing lists," Hunt had written in a blog post.
Shankhyaneel Sarkar is a Chief Sub-Editor at News18. He covers international affairs, where he focuses on breaking news to in-depth analyses. He has over seven years of experience during which he has covered se...Read More
Shankhyaneel Sarkar is a Chief Sub-Editor at News18. He covers international affairs, where he focuses on breaking news to in-depth analyses. He has over seven years of experience during which he has covered se...
Read More
Follow News18 on Google. Join the fun, play QIK games on News18. Get latest technology updates, including phone launches, gadget reviews, AI advancements. Stay informed with breaking tech news, expert insights, and trends from India and around the world. Also Download the News18 App to stay updated.
First Published:
October 28, 2025, 16:08 IST
News tech ‘No Gmail Security Breach’: Google Dismisses 180 Million Password Leak Claims
Disclaimer: Comments reflect users’ views, not News18’s. Please keep discussions respectful and constructive. Abusive, defamatory, or illegal comments will be removed. News18 may disable any comment at its discretion. By posting, you agree to our Terms of Use and Privacy Policy.
Read More
