Gmail, Photo: Bigtunaonline | Dreamstime.com
Information about the compromise of millions of Gmail accounts was picked up by the media in several countries on Tuesday, but Google says it is all a misunderstanding, The Register reports.
The tech giant moved quickly to deny reports that more than 183 million Gmail accounts had been compromised in a “major security breach”. According to Google, these claims – which have appeared in numerous publications including The Daily Mail, The Mirror, Forbes, The Independent and the New York Post – are “false” and the whole fuss is based on a misunderstanding over old, recycled credentials – and not evidence of an actual intrusion.
The confusion appears to have started after Troy Hunt, the creator of the Have I Been Pwned (HIBP) platform, announced that he had added a massive 183 million credential data set to his data breach notification service.
The information was provided to him by Synthient, a cyber threat intelligence platform that collects and analyzes data from the activity logs of malware such as infostealer (information thieves). But Hunt explained in a blog post that this collection reflects years of malware activity, not a single recent compromise — much less a targeted attack on Gmail.
What Google Says About Gmail 'Breach'
Google reiterated the view also expressed by Hunt in a statement. “Reports of a 'Gmail security breach affecting millions of users' are false. Gmail's defenses are robust and users remain protected,” the company said. Google added that the data circulating online “stems from a misunderstanding of infostealer databases that routinely compile various credential theft activities occurring across the Internet.”
Infostealer databases, which are constantly collected from infected browsers, phishing kits, and hacked programs, often contain Gmail addresses simply because so many users reuse them in multiple places on the Internet. When such collections reappear, they are frequently misinterpreted as new breaches.
Google said it regularly checks for large batches of stolen credentials and urges affected users to reset their passwords when appropriate. “Gmail takes action when we identify large batches of exposed credentials, helping users reset their passwords and secure their accounts again,” the company said.
Hunt, for his part, was puzzled by the extent of media coverage of the so-called “breach”.
PHOTO article: Bigtunaonline / Dreamstime.com.
