Google responds to claim of millions of Gmail passwords leaked; calls in 'entirely inaccurate and ...'

Google has denied reports claiming that millions of Gmail accounts were compromised in a recent data breach. Clarifying that there has been no security breach, the tech giant reiterated that the users’ data remains safe.

In an official post on X (formerly Twitter), Google said “Reports of a “Gmail security breach impacting millions of users” are false. Gmail’s defenses are strong, and users remain protected.”The company explained that the false claims likely came from a misunderstanding on “infostealer” databases – collections of stolen credentials from various sources across the internet, not a targeted attack on Gmail. “It’s not reflective of a new attack aimed at any one person, tool, or platform,” Google said in its statement.This is the second time in recent weeks that Google has had to issue a public denial about an alleged Gmail breach. In September, similar reports suggested a widespread Gmail warning, which the company also called “entirely false.”Google warned that such misleading claims could cause unnecessary panic but acknowledged that they do help raise awareness about account safety. The company urged users to enable two-step verification (2SV) and adopt passkeys for stronger protection. It also said it takes proactive measures when exposed credentials are detected, helping affected users reset passwords and secure their accounts.

Read Google’s full statement here

In a series of posts on X, Google said:Reports of a “Gmail security breach impacting millions of users” are false. Gmail’s defenses are strong, and users remain protected. The inaccurate reports are stemming from a misunderstanding of infostealer databases, which routinely compile various credential theft activity occurring across the web. It’s not reflective of a new attack aimed at any one person, tool, or platform. Users can protect themselves from credential theft by turning on 2-step verification and adopting passkeys as a stronger and safer alternative to passwords, and resetting passwords when they are found in large batches like this. Gmail takes action when we spot large batches of open credentials, helping users reset passwords and resecure accounts.