28/10/2025
According to multiple cybersecurity reports, a large credential database leak was recently made public, containing tens of millions of email and password combinations, including a significant number linked to Gmail accounts.
However, experts and Google have clarified that Google’s servers were not directly hacked. Instead, these leaked credentials mostly came from:
Devices infected by information-stealing malware (“infostealers”), or
Combined data from older leaks merged together.
Even if this wasn’t a new direct breach of Google, the risk remains very real — especially for users who reuse passwords or have been infected by malware. Google has recommended users strengthen account protection and enable passkeys / two-factor authentication (2FA).
Immediate Actions (in priority order)
1) Check if your account was involved
Visit Have I Been Pwned or another reputable leak-checking tool to see if your email appears in any public breach list.
If it does — immediately change your password and follow all the steps below.
2) If you can still access your Gmail account
Change your Gmail password immediately.
Use a strong, unique password (at least 12 characters, mix of upper/lowercase letters, numbers, and symbols).
Never reuse passwords from other sites.
Turn on Two-Factor Authentication (2FA).
Use an authenticator app (e.g., Google Authenticator, Authy) or a security key/passkey instead of SMS codes for stronger protection.
Review recent sign-in activity and devices.
Go to Google Account → Security → Your devices / Recent activity.
Sign out of any unknown or suspicious devices. This also invalidates stolen session cookies, which infostealers capture alongside passwords.
Check email forwarding rules, filters, and third-party app access.
Remove any unknown rules or connected apps. Hackers often set auto-forwarding to keep spying on emails.
Change passwords on other accounts using the same password.
Especially financial, social media, and work accounts.
Use a password manager (e.g., Bitwarden, 1Password, LastPass) to generate and store unique passwords securely.
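Step 1 points you to Have I Been Pwned to check an email address; HIBP's Pwned Passwords range API lets you check a password the same way without ever sending it. As an added example (not from the original page), the script below shows the k-anonymity logic: only the first five hex characters of the password's SHA-1 hash leave your machine, and the match is done locally against the returned list. It also includes a checker for step 2's password rule (at least 12 characters with upper, lower, digit and symbol). Function names and the sample response are assumptions/constructed; the endpoint URL and "SUFFIX:COUNT" line format are HIBP's documented ones.

```python
import hashlib
import urllib.request

# HIBP Pwned Passwords range endpoint (documented); helper names below are hypothetical.
RANGE_URL = "https://api.pwnedpasswords.com/range/"


def split_hash(password: str) -> tuple[str, str]:
    """Return (5-char prefix, 35-char suffix) of the upper-case SHA-1 hex digest."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def count_in_range(suffix: str, range_body: str) -> int:
    """Parse a range response ('SUFFIX:COUNT' per line); return the breach count, 0 if absent."""
    for line in range_body.splitlines():
        line = line.strip()
        if not line or ":" not in line:
            continue
        candidate, count = line.split(":", 1)
        if candidate.upper() == suffix:
            return int(count)
    return 0


def fetch_range(prefix: str) -> str:
    """Live lookup: only the 5-char hash prefix leaves the machine (k-anonymity)."""
    req = urllib.request.Request(RANGE_URL + prefix, headers={"User-Agent": "leak-check-example"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def meets_policy(password: str, min_len: int = 12) -> bool:
    """The page's rule: at least 12 chars with upper, lower, digit and symbol present."""
    classes = [str.isupper, str.islower, str.isdigit, lambda c: not c.isalnum()]
    return len(password) >= min_len and all(any(f(c) for c in password) for f in classes)


# Constructed sample range response (not real API output, counts invented). The middle
# line's suffix is that of SHA-1("password") = 5BAA61E4...7EE68FD8, so it matches.
SAMPLE_RANGE = "\r\n".join([
    "0018A45C4D1DEF81644B54AB7F969B88D65:3",
    "1E4C9B93F3F0682250B6CF8331B7EE68FD8:3861493",
    "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:1",
])

if __name__ == "__main__":
    prefix, suffix = split_hash("password")
    print(prefix, count_in_range(suffix, SAMPLE_RANGE))  # 5BAA6 3861493
    print(meets_policy("password"), meets_policy("Correct-Horse9Battery"))  # False True
```

Replace `SAMPLE_RANGE` with `fetch_range(prefix)` for a real check; the full hash and the password itself are never transmitted.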
3) If you cannot log in (account taken over)
Go to Google’s Account Recovery page (“Need help?” or “Can’t sign in?”).
Try to recover using a familiar device and location (that increases success).
Prepare details like your last password, last login time, and recovery email/phone.
If it’s a work or school account, contact your IT administrator immediately.
4) Check and clean your devices
Run a full antivirus/malware scan using trusted software (e.g., Windows Defender, Malwarebytes).
If your device is found infected with password-stealing malware, isolate it and consider reinstalling your operating system after backing up important files. Change your passwords again from a clean device once the malware is removed; otherwise the new password can be stolen too.
Most leaked credentials originate from compromised devices, not from Google servers themselves.
5) Strengthen ongoing protection
Enable security alerts and monitor sign-in notifications.
Check your bank, credit card, and online store accounts for unusual activity.
Be cautious of phishing emails pretending to be Google support — never share your password or 2FA codes.
If you suspect hackers have sent fraudulent emails from your account, notify your contacts so they don’t fall for scams.
6) Long-term security improvements
Use passkeys or physical security keys (e.g., YubiKey, Titan Key) as your main login method for Google and other critical services.
Avoid password reuse completely — each account should have a unique, randomly generated password.