Google Calls Massive Gmail Breach Report "FALSE"

Google has officially denied reports of a massive Gmail data breach after claims surfaced online that millions of user credentials had been leaked. Earlier this week, reports based on data shared by Have I Been Pwned suggested that over 183 million Gmail accounts were compromised.

However, Google now says the claims are false and based on outdated information. “Reports of a ‘Gmail security breach impacting millions of users’ are false. Gmail’s defenses are strong, and users remain protected,” the company said in a statement on its official X (formerly Twitter) account.

The tech giant clarified that the rumors stemmed from “a misunderstanding of infostealer databases.” These datasets, while resurfacing online from time to time, do not indicate a fresh compromise of Gmail or any Google service.

Google added that it actively scans for large dumps of exposed login information and takes preventive steps, such as prompting users to reset passwords and enabling two-step verification for added security.

The headline grabbed the attention of many when cybersecurity expert Troy Hunt, founder of Have I Been Pwned, revealed a 3.5-terabyte database containing millions of email-password combinations aggregated from previous breaches.

While some Gmail addresses were among them, Hunt emphasized that the data appeared to be old.
In short, no new Gmail breach has been confirmed. But, if your credentials are in an old leak, it’s still a good idea to update your password and enable two-step verification.