Urgent alert issued to anyone who uses Gmail after 183 million passwords are leaked

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it’s investigating the financials of Elon Musk’s pro-Trump PAC or producing our latest documentary, ‘The A Word’, which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.Read more

Gmail users have been warned about a huge attack that appears to have left as many as 183 million email accounts insecure.

The data leaked online includes not only the email accounts themselves but the passwords believed to be associated with those logins.

The breach could allow hackers entry not only to email accounts but all of the other logins that depend on Gmail.

The breach occurred in April of this year but was recently noted by Have I Been Pwned, a website that tracks data breaches so that users can be alerted to them.

The data came from a much broader hack that was aggregated from across the internet, according to Troy Hunt, who runs the website.

Users are able to check whether their emails and passwords are part of the attack – or any other tracked data breaches – by using that website. In all, the website has tracked 917 breached websites and more than 15 billion accounts.

If a users’ account has been compromised, or might have been, then there are a series of relatively simple recommended actions. Users are advised to change their Gmail password as well as setting up two-factor authentication.

Two-step authentication adds an extra layer of security to an account so that even a hacker who has stolen a users’ password would not be able to get access with that alone. Unlike some other systems, Google uses a host of different second challenges, and says that its tools will choose the one that is most likely to keep hijackers out of an account.