This post is also available in:
עברית (Hebrew)
A new trove of stolen login credentials has surfaced online, with 183 million email addresses and passwords added to the “Have I Been Pwned” (HIBP) breach database. The data, originating from infostealer malware logs rather than a single system breach, includes credentials linked to major email platforms such as Gmail, Outlook, and Yahoo.
The data – amounting to 3.5 terabytes and more than 23 billion individual records – was collected from various infostealer operations monitored over the past year. These malicious programs harvest login data directly from infected computers, capturing credentials as users enter them on websites or applications. According to HIBP’s analysis, the dataset primarily contains three fields: website URL, email address, and password.
While much of the information had appeared in earlier leaks, around 16.4 million email addresses and associated passwords were previously unseen in any known breach. A sample verification process confirmed that some Gmail credentials were valid, underscoring the ongoing threat of reused or weak passwords.
According to Forbes, cybersecurity experts stress that this is not the result of a new attack on any specific service. Rather, it is a consolidation of existing stolen data circulating among cybercriminals. Infostealer campaigns remain a leading source of such information, providing attackers with large volumes of credentials for credential-stuffing attacks, where stolen passwords are reused across different accounts.
Google issued a clarification following widespread reports of a “Gmail breach,” confirming that its systems were not compromised. “The incident reflects previously stolen credentials aggregated from infostealer activity,” the company said. It emphasized that users remain protected by Gmail’s layered defenses and encouraged adoption of stronger authentication methods such as two-step verification and passkeys.
Security professionals recommend that all users check whether their credentials are included in the HIBP database and immediately reset any compromised passwords. They also advise against reusing passwords across services and suggest using password managers to generate and store strong, unique credentials.
Although this latest exposure does not represent a direct system breach, it highlights a persistent cybersecurity challenge: the reuse of stolen login data across multiple online platforms, sustaining one of the most common entry points for cyberattacks today.
You can check here if you’ve been affected, and recover your Gmail account here if necessary.
