GMAIL users have been warned about a data leak as tens of millions of online login credentials were reportedly exposed.
The largest portion of the stolen credentials allegedly came from Gmail, with roughly 48 million accounts affected, followed by Facebook at 17 million.
As many as 6.5 million Instagram accounts are believed to have been affected, along with four million from Yahoo Mail, 3.4 million from Netflix, and Outlook with 1.5 million, per the Daily Mail.
Other compromised accounts allegedly included iCloud, .edu emails, TikTok, OnlyFans, and Binance.
Users have been urged to check their accounts and change their passwords as soon as possible.
Cybersecurity researcher Jeremiah Fowler reportedly discovered the breach, revealing a database containing 149 million compromised accounts.
BE IN CONTROL
Get more of The Sun for free by signing up for Google’s preferred sources
ASK DR ZOE
I went to hospital for a red patch down there and was told ‘don’t worry’. Help!
He said: “Thousands of files included emails, usernames, passwords, and the URLs for logging in or authorizing the accounts.
“The exposed records included usernames and passwords collected from victims around the world, spanning a wide range of commonly used online services and about any type of account imaginable.”
Fowler advised that anyone who suspects their device may be infected with malware should act immediately by updating their operating system, installing or updating security software, and scanning for suspicious activity.
He also recommended reviewing app permissions, settings, and installed programs, and only downloading apps or extensions from official app stores.
Users have been directed to go to Have I Been Pwned website to enter their email address in the search bar.
The site will show you if your address has been involved in any breaches in the past decade.
If you have been affected, it is recommended to promptly change your password and enable two-factor authentication (2FA).
A Google spokesperson told the Daily Mail: “We are aware of reports regarding a dataset containing a wide range of credentials, including some from Gmail.
“This data represents a compilation of ‘infostealer’ logs, credentials harvested from personal devices by third-party malware, that have been aggregated over time.
“We continuously monitor for this type of external activity and have automated protections in place that lock accounts and force password resets when we identify exposed credentials.”
