In a massive data breach, more than 18.3 crore passwords have been leaked online, including tens of millions linked to Gmail accounts. Cybersecurity analysts are calling this the biggest credential dump ever.
The data originated from malware networks that secretly stole usernames, passwords, and website addresses from infected devices. According to Australian security researcher Troy Hunt, this activity continued for a year. The stolen credentials amount to 3.5 terabytes of data, which surfaced online this month.
Scope and impact
The new dataset contained 18.3 crore unique accounts, including approximately 1.64 crore addresses never seen before in any prior breach, as noted by Hunt. While most entries in this data come from old data breaches, many users have confirmed that the exposed passwords match their active credentials.
The leak, first detected in April and made public last week, covers not only Gmail data but also login information for Outlook, Yahoo, and hundreds of other web services. These stolen credentials will continue to reappear across various platforms, posing a significant security risk because many users reuse the same password across different accounts—from cloud storage and banking to social media.
Attack method and verification
Hunt clarified that attackers did not directly attack Gmail or any other service; instead, they employed malware on users’ computers that captured their login details.
You can check if your data has been compromised by visiting HaveIBeenPwned.com and entering your email address.
Shai Hulud virus
CERT-In, the Ministry of Home Affairs' nodal cybersecurity agency, has alerted the nation's startups and IT companies to a new threat: the 'Shai Hulud' virus. This malware targets the JavaScript Node Package Manager (npm) ecosystem, posing a significant cyberattack risk. Successful infiltration could lead to the leakage of personal user data from numerous apps, websites, and digital services, necessitating immediate preventative action from IT firms.
ALSO READ: Elon Musk launches Grokipedia to challenge Wikipedia: How it will reshape internet search
