Google has officially denied reports claiming that 185 million Gmail accounts and passwords were leaked.
Reports of a “Gmail security breach impacting millions of users” are false. Gmail’s defenses are strong, and users remain protected. 🧵👇
— News from Google (@NewsFromGoogle) October 27, 2025
In a statement posted on X, the company described these reports as false, attributing them to a “misinterpretation” of infostealer databases. These databases systematically record credential theft attempts across the internet but do not indicate a new attack targeting specific individuals, tools, or platforms.
“Reports of a Gmail security breach affecting millions of users are inaccurate,” Google said, emphasizing that no new widespread attack has occurred.
Users can protect themselves from credential theft by turning on 2-step verification and adopting passkeys as a stronger and safer alternative to passwords, and resetting passwords when they are found in large batches like this. https://t.co/J6OUu07IQl
— News from Google (@NewsFromGoogle) October 27, 2025
To enhance account security, Google recommends that users enable two-factor authentication (2FA) and consider using security keys, which offer a simpler and more reliable alternative to passwords alone. The company’s clarification comes after multiple media outlets reported the alleged breach, causing concern among millions of Gmail users worldwide.
