Earlier this week, reports came out claiming that 183 million Gmail passwords were exposed in a data leak. Google has since come out to dispute this claim (via its X account), attributing "inaccurate reports" to "stemming from a misunderstanding of infostealer databases."
As spotted by Bleeping Computer, this report was picked up by major outlets, but it seems to have come from a database that compiled "various credential theft activity occurring across the web". Effectively, the data appears to be a broader database, rather than the result of a single new attack, and crucially, doesn't represent "any one person, tool, or platform."
Reports of a “Gmail security breach impacting millions of users” are false. Gmail’s defenses are strong, and users remain protected. 🧵👇October 27, 2025
Hunt reflects on these data breaches in his most recent blog and claims that treating them as a more singular breach is "not an accurate representation of how these things work". He goes on to compare the breaches in the larger data file to that of a hose, spraying data everywhere at all times. "The data itself is still on point, but I'd like to see HIBP better reflect that firehose analogy and provide a constant stream of new data."
It's still a pretty good reminder to set up 2-step verification if you haven't. Even if your password is leaked, bad actors would need access to your authenticator to get into your account. Now, excuse me for a moment while I check I've enabled mine.
1. Best gaming laptop: Razer Blade 16
2. Best gaming PC: HP Omen 35L
3. Best handheld gaming PC: Lenovo Legion Go S SteamOS ed.
4. Best mini PC: Minisforum AtomMan G7 PT
5. Best VR headset: Meta Quest 3
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
