Gmail Users Hit by Massive Malware Attack: 183 Million Passwords Leaked

TLDR

• A 3.5 terabyte data leak exposed 183 million email passwords through infostealer malware
• 16.4 million Gmail accounts were newly compromised in the breach
• Google confirms its servers were not hacked; malware infected user devices
• Stolen credentials came from phishing emails, fake downloads, and browser extensions
• Users should check HaveIBeenPwned.com and enable two-factor authentication immediately

A massive data breach has exposed 183 million email passwords, including millions of Gmail accounts. The leak represents one of the largest credential dumps discovered in 2025.

Troy Hunt, founder of Have I Been Pwned, announced the discovery this month. The 3.5 terabyte dataset contains information from 23 billion records collected over a year.

Security firm Synthient tracked the stolen data across dark web marketplaces and Telegram channels. The firm found that 16.4 million email addresses were exposed for the first time.

The remaining 91% of leaked passwords had appeared in previous breaches. However, many of these older credentials still matched users’ active passwords.

How Attackers Stole Credentials

The breach did not involve a direct hack of Gmail’s servers. Instead, infostealer malware on infected devices captured login information as users browsed the internet.

These malicious programs spread through phishing emails and fake software downloads. Browser extensions also serve as common infection points.

Benjamin Brundage of Synthient said stolen credentials jumped more than 800% in the first half of 2025. The firm recorded up to 600 million stolen passwords in a single day.

Users often don’t realize their devices are infected. The malware operates silently while harvesting credentials from multiple websites and services.

Risks Beyond Email Accounts

The breach affects more than just email access. Many users reuse passwords across banking sites, social media platforms, and cloud storage services.

Attackers use credential stuffing to test stolen username-password combinations on multiple platforms. This automated process can give criminals access to victims’ entire digital lives.

Stolen credentials circulate on criminal forums for years. This gives hackers ongoing opportunities to exploit reused passwords.

Google issued a statement clarifying that Gmail’s infrastructure was not compromised. The company said reports of a Gmail breach are inaccurate and stem from misreading credential theft database updates.

What Users Should Do Now

Users can check if their email was compromised by visiting HaveIBeenPwned.com. The site allows people to enter their email address and see if it appears in the breach.

Google recommends enabling two-step verification or switching to passkeys. The company also suggests changing passwords immediately if affected.

Security experts advise against storing passwords in web browsers. Malware can easily scrape credentials from browser storage.

Encrypted password managers provide better protection. Google’s Password Manager Checkup tool also scans Chrome logins and warns about weak or reused passwords.

Users should use different passwords for different online accounts. This prevents a single breach from compromising multiple services.

Recent Developments

The leak first surfaced in April but became public last week. Alphabet shares rose 3.60% on Monday, closing at $269.27 ahead of the company’s Q3 earnings report scheduled for October 29.

Alphabet Inc., GOOGL

The breach highlights the growing threat of infostealer malware. Synthient’s data shows credential theft has reached unprecedented levels in 2025.

Users should remove unused browser extensions and avoid clicking suspicious links. Regular password updates and two-factor authentication remain the best defenses against credential theft.

The post Gmail Users Hit by Massive Malware Attack: 183 Million Passwords Leaked appeared first on Blockonomi.