Were 183 million passwords leaked? Google's anticipated statement has arrived.

Recently, it was claimed that Gmail users had been subjected to one of the largest data breaches ever. According to reports, over 183 million Gmail accounts and their passwords were leaked online. Such a large leak also poses a significant threat to connected accounts. Considering that bank accounts, payment methods, or other accounts used with that email address are also at risk, the scale and severity of the breach has increased exponentially.

It was reported that this alleged leak actually took place last April, but the incident was recently detected by the platform called 'Have I Been Pwned', which tracks data breaches.

According to data experts who released a statement following the leaks, even if your Gmail account wasn't affected by the breach, it's crucial to change your password and enable two-factor authentication (2FA). This security method prevents unauthorized access to your account even if your password is stolen. Google dynamically implements different security steps in this system, making it harder for attackers to take over your account.

Google responds to leak allegations

Following news of the leak, Google released a statement, stating that there was no leak at all, and that the incident was entirely the result of a misinterpretation of the database. The company stated that the reports of the 183 million password leaks were the result of "the reemergence of old data."

According to Google, these accounts aren't the result of a new attack, but rather a remnant of older leaks that were recently added to the search engine's database in a data breach called "Have I Been Pwned." The site's founder, Troy Hunt, made a similar statement, saying that over 90% of the data had already been exposed in other leaks, with only 16.4 million accounts appearing in the data breach for the first time.

Google's official statement is as follows: "The claim of a Gmail security breach affecting millions of users is false. Gmail's defenses are strong, and users are safe. These false reports stem from a misinterpretation of databases that collect various credential thefts from the internet."

Google also added that it periodically analyzes such open databases and informs its users about potential security risks. Just as data experts warn, the company recommends its users activate two-factor authentication (2FA) and passwordless login (passkey). This makes it much more difficult to compromise your account, even if your password is leaked. Of course, your passwords used on different platforms may still be in the hands of fraudsters due to information from previous leaks. Therefore, it's crucial to avoid using the same password across platforms, in addition to passkeys and two-factor authentication.