Your Logins Could Be Among 183 Million Just Added to Have I Been Pwned — Here’s How to Check
If you use Gmail, Facebook, or Apple services, your credentials might be part of a massive new data breach added to Have I Been Pwned (HIBP) — the free website that lets you see if your online accounts have been compromised.
Cybersecurity researcher Troy Hunt, founder of HIBP, has confirmed the addition of 183 million new accounts to the platform’s database. The data was sourced with help from Synthient, a threat intelligence service that monitors infostealer networks and dark web dumps.
🔐 What’s in the New Dataset
The latest batch includes 183 million unique email addresses tied to the websites they were used on — along with their corresponding passwords. According to Hunt, the data originated from “stealer logs” and “credential stuffing lists,” which are a combination of stolen login information from infected computers and reused credentials across multiple sites.
Among the compromised records are confirmed Gmail login details, indicating that millions of Google users may be affected. A smaller breach of 3.9 million MyVidster accounts was also added to HIBP, exposing email addresses, usernames, and profile pictures from the now-defunct video-sharing site.
📊 How Big Is This Breach?
The total collection represents 3.5 terabytes of data — over 23 billion rows of information. While much of it overlaps with previously leaked credentials, Hunt’s analysis found that about 16.4 million accounts were completely new, never seen before in any prior breach.
That means millions of users may be unaware that their logins are circulating on hacker forums right now.
Also Read: Apple Removes Viral ‘Tea’ and ‘TeaOnHer’ Apps Over Privacy and Safety Violations
🧠 Why It Matters
Credential reuse remains one of the biggest security risks online. If a hacker obtains your email and password from one site, they can often access multiple accounts — banking, shopping, or social media — in seconds.
Troy Hunt verified the authenticity of the leak by contacting impacted users, some of whom confirmed the stolen passwords were still active on their Gmail accounts.
Cybersecurity experts are urging users to check their emails immediately on Have I Been Pwned and to change all reused passwords without delay.
🧰 How to Check If You’ve Been Pwned
- Go to haveibeenpwned.com
-
Enter your email address in the search bar.
-
If your data appears in a breach, change your passwords right away.
-
Enable two-factor authentication (2FA) for added protection.
-
Use the “Pwned Passwords” feature to test if any of your old passwords are in known leaks.
⚠️ Final Take
This latest breach is another reminder that no one is completely safe online — not even Gmail users. Even if your account hasn’t been affected, it’s a good time to update your passwords, enable 2FA, and use a password manager to stay secure.
As Troy Hunt put it, “Most of what we’re seeing isn’t new — but millions of people will still be learning for the first time that their credentials are out there.”
Also Read: Fox One Gets a Price Cut with Verizon Perk — Here’s What You Need to Know
For the latest mobile news, reviews, and deals, follow ARYMobiles on Google News, X, Facebook, WhatsApp, and Threads. Stay updated with the newest gadgets by subscribing to our YouTube channel. Want to explore top influencers in the tech world? Follow Who’s ThatARY on Instagram and YouTube