cybersecurity

5120 readers

45 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks

tweedge

Gmail Passwords Confirmed As Part Of 183 Million Account Data Leak (www.forbes.com)

submitted 1 week ago by cm0002@lemmings.world to c/cybersecurity

7 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] jqubed@lemmy.world 9 points 1 week ago* (last edited 1 week ago) (1 children)

This is not a breach of 183 million Gmail account passwords. This is a collection of credentials, largely stolen by infostealer malware and circulating among cyber criminals, which was collected by a security researcher and passed on to Have I Been Pwned. Over 90% of the data has already been seen in previous releases.

Adding the details of website URLs, email addresses and passwords to the Have I Been Pwned database, owner Troy Hunt said the data consisted of both “stealer logs and credential stuffing lists” including confirmed Gmail login credentials.

The “confirmed Gmail login” bit comes from contacting one of the victims at random to verify the data and he confirmed the password was his Gmail password. It doesn’t appear to be a Gmail breach, just the results of credential stealing happened to include some people logging into Gmail.

Edit: Perhaps a more useful link is the original blog post from Have I Been Pwned’s Troy Hunt.

[–] sefra1@lemmy.zip 3 points 1 week ago

Ooooh, I thought for a moment...