Massive data breach exposes 183 million email passwords, including Gmail accounts
California: A massive data breach has emerged online, compromising millions of email accounts along with their passwords, with a significant number reportedly linked to Gmail users.
The breach, affecting over 183 million records, was recently discovered and added to the Have I Been Pwned (HIBP) database, a widely used platform that allows users to check whether their credentials have been compromised.
According to a report published by India Today, the exposed dataset, called “Synthient Stealer Log Threat Data,” is among the largest email-password leaks reported in recent months.
However, Google’s servers were reportedly not breached. The stolen information reportedly originated from devices infected by malware. The device collected credentials directly from users’ browsers and computers rather than Gmail’s internal systems.
Cybersecurity expert Troy Hunt, who runs HIBP, said the data came from logs created by infostealer malware, malicious programs that silently record login information, browser cookies, and authentication tokens from infected systems. “This wasn’t the result of a single company being hacked,” Hunt noted. “It’s a collection of information stolen from numerous compromised devices across the world.”
With 183 million unique email addresses paired with plaintext passwords, the dataset was uploaded to HIBP on October 21, 2025. Many of these mail ids are associated with Gmail. Analysts say plaintext storage has increased risk, as attackers can immediately use or sell the credentials on dark web marketplaces.
Warning has been issued by security experts that infostealer malware not only steal login credentials but it is also capable of intercepting browser cookies and authentication tokens, which will allow scammers to bypass two-factor authentication in certain cases.
While Google stated that its systems were not breached, it recommended users utilize its Security Checkup tool to identify suspicious devices or third-party apps linked to their accounts.
“Reports of a Gmail security ‘breach’ impacting millions of users are entirely inaccurate and incorrect,” New York Post quoted a Google spokesperson as saying.
“They stem from a misreading of ongoing updates to credential theft databases, known as infostealer activity, whereby attackers employ various tools to harvest credentials versus a single, specific attack aimed at any one person, tool or platform," the spokesperson added.
In a report published by Yahoo News, Michael Tigges, a security analyst at Huntress noted, “The event here is not one of any specific data breach, but instead aggregated and uploaded data from millions of stealer malware log.” He further added that the attack should serve as a warning to anyone who relies on their web browsers to store credentials.
According to security experts from Cyber Insider and Forbes, the main problem is password reuse across many platforms. Experts further added that users make it easy for the attackers to gain access to banking, shopping, or workplace systems associated with the same email address by using the same passwords for several accounts. They recommended users to opt for hardware-based security keys or passkeys instead of SMS verification for stronger protection.
Users can check whether their data was exposed on (https://haveibeenpwned.com/). They are also advised to protect their accounts by immediately changing the passwords, using a unique, strong combination password, and enable two-factor authentication, if they find their credentials at risk.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
Cong takes dig at govt after Trump's 'India to buy Venezuelan oil' remark'
New Delhi (PTI): The Congress on Sunday took a swipe at the Modi government over US President Donald Trump's remarks that India is going to buy oil from Venezuela instead of Iran, saying the American leader continues to give “information on what our own government has done or will be doing”.
The opposition party's dig came after Trump, responding to a question, told reporters while travelling on Air Force One, "China is welcome to come in and we'll make a great deal on oil. We welcome China."
"We've already made a deal. India is coming in, and they're going to be buying Venezuelan oil as opposed to buying it from Iran. So, we've already made that deal, the concept of the deal," Trump said.
Congress general secretary in-charge communications Jairam Ramesh shared the audio of Trump's remarks on X.
"He (Trump) told us Op Sindoor had been halted. He told us India had stopped buying Russian oil. And now this," the Congress leader said.
"President Trump continues to give us information on what our own government has done or will be doing," Ramesh said on X.
