Cyberattack, over 180 million “Gmail” passwords hacked and published! How to tell if your account has been hacked
In April 2025, a total of 183 million accounts and passwords were exposed, according to Troy Hunt, head of the Have I Been Puned (HIBP) database. The leak also included Gmail user passwords.
HIBP allows users to check if their data was found in the leaked lists. As Hunt explained, the files mainly contained three types of data: website addresses, email addresses and passwords.
“When someone logs into Gmail, the email address and password are registered with ‘gmail.com’, which is why this data is generated,” he added.
Google says the breach is part of a broader phishing campaign that affects many types of online services. To protect Gmail users, the company recommends enabling two-factor authentication (2FA) and using access keys instead of traditional passwords.
Users who believe their account has been compromised are advised to log in immediately and review their account activity.
Google also has a password reset process for major breaches, such as the recent one.