Data from 183 million Gmail and Outlook accounts exposed in new massive password leak

A massive new digital security incident has exposed the credentials of at least 183 million email accounts, mainly affecting users of popular services such as Gmail, Outlook and Yahoo. The breach did not result from a direct attack on these companies’ servers, but rather from the compilation of stolen data using “Infostealer” type malware, which infects users’ own devices to capture sensitive information.

The discovery was made by data leak monitoring platform Have I Been Pwned, which is widely recognized for alerting users about their information being exposed online. The compromised data set includes combinations of email addresses and plain text passwords, which poses an elevated risk of unauthorized access and fraud.

The total volume of data was recently updated, with the inclusion of 16.4 million new credentials that had not been identified in previous analyses. This addition reinforces the ongoing scale of the threat posed by Infostealers, which operate silently to collect valuable information directly from browsers and applications installed on infected computers and cell phones.

The scale of the incident and the origin of the data

The nature of this leak of 183 million credentials is different from a centralized attack on a single service. Instead, the data was aggregated from thousands of individual infections on user devices around the world. Infostealer malware, once installed, acts like a digital spy, focusing on stealing information saved in browsers, such as passwords, session cookies, autofill data and credit card information. Troy Hunt, the security expert and creator of Have I Been Pwned, explained that the massive volume of data is the result of compiling multiple malware logs. The main vulnerability in this case is not in the infrastructure of Google, Microsoft or Yahoo, but in the security of the end user’s device. Exposing passwords in plain text, that is, without any type of encryption, makes the work of cybercriminals extremely easy, allowing them to test the same email and password combinations on several other platforms, a technique known as “credential stuffing”.

Position of technology giants

Given the repercussions of the incident, Google spoke out stating that its systems were not breached. The company highlighted that the exposure of accounts is a consequence of broader malicious activities on the internet, which target users directly, and not the company’s infrastructure.

The company also took the opportunity to reinforce the importance of users adopting additional security measures, such as two-step verification, to protect their accounts even if their password is compromised.

At the time of publishing this news, neither Microsoft nor Yahoo had issued official statements about the leak. This stance is common in large-scale cases, as internal security teams investigate the scope of the incident and validate the information disclosed.

What is Infostealer malware?

Infostealers, or information thieves, represent a category of malicious software specifically designed to be stealthy and efficient at collecting data. Infection often occurs through social engineering tactics, such as phishing emails that contain malicious links or attachments, pirated software downloads, or fraudulent website advertisements. Once the malware installs itself on the operating system, it operates in the background, without arousing suspicion, monitoring user activity and extracting valuable information.

The main target of these programs is data stored in internet browsers. They are capable of accessing local databases where Chrome, Firefox, Edge and other browsers store saved passwords, browsing history, cookies and form data. The collected information is then sent to a command and control server operated by the criminals. These packets of stolen data are often sold on forums on the dark web, fueling an ecosystem of cybercrime that ranges from financial fraud and identity theft to targeted attacks on businesses.

Immediate measures to protect your accounts

The first and most crucial action for any user who suspects they have been affected is to immediately change the password for the email service involved and any other account that uses the same credential.

It is essential to abandon the practice of reusing passwords. Each online service, be it a social network, e-commerce or digital bank, must have a unique and complex password to prevent a leak on one site from compromising security on all others.

Enabling two-factor authentication (2FA) is one of the most effective security barriers available. This method requires a second verification code, usually sent to the cell phone, in addition to the password, to authorize access from a new device, making hacking difficult.

Users can and should check whether their email addresses have been compromised in this or other known breaches. The free tool Have I

Essential tools for digital security

To deal with the complexity of maintaining dozens of unique and strong passwords, using a password manager is highly recommended. Tools such as 1Password, Bitwarden or the built-in manager of Google and

A newer and even more secure technology is access keys, or “passkeys”. They completely replace passwords with an authentication method based on biometrics (fingerprint or facial recognition) or the device PIN, eliminating the risk associated with weak or leaked passwords.

Signs of a compromised account

There are several warning signs that may indicate that an email account has been improperly accessed. Among them are receiving unsolicited password reset emails, discovering messages in the “sent” box that you didn’t write, or suddenly being blocked from accessing your own account.

Other indicators include login alerts from unknown locations or devices and complaints from contacts who have received spam or phishing emails sent from your address. When you notice any of this activity, it is vital to act quickly to try to regain control of the account and check your security settings.

Preventing future infections

Prevention remains the best strategy against malware. Keeping your operating system, browser, and antivirus software up to date is crucial, as updates often patch security holes that can be exploited by criminals. Furthermore, it is essential to be cautious when clicking on links and downloading email attachments, especially from unknown senders, and avoid downloading programs from untrustworthy sources.
