Google is once again disputing Gmail was breached

Google has been forced to deny allegations that Gmail was breached, once again this year, after reports emerged suggesting that a massive data breach may have exposed the credentials of 183 million users. The tech giant claimed that these accounts are not fresh victims of an attack, but rather recent additions to a database tracking compromised passwords.

In a statement posted on its platform X, Google stated that "reports of a 'Gmail security breach impacting millions of users' are false" and reiterated that its defenses are strong, ensuring user protection. The company alleged that the inaccuracies were caused by a misunderstanding of infostealer databases, which compile various credential theft activities across the web.

Google uses these compilations to alert users of potential breaches, advising them to turn on 2-step verification, adopt passkeys, and reset passwords immediately if compromised. It's worth noting that over 90% of the stolen credentials have been seen before, according to data breach search engine Have I Been Pwned, suggesting that only a small percentage of accounts are actually new victims.

Troy Hunt, creator of Have I Been Pwned, explained in a blog post that while millions of stolen credentials were new additions to their database, 16.4 million addresses showed up for the first time. Google has been dealing with similar incidents recently, as it released an unusual statement last few months to quash allegations of Gmail being breached.

Google's response comes as the company continues to emphasize the importance of password security and encourages users to take proactive measures to protect themselves from potential breaches.

yeah i'm like totally relieved that google denied those breaching allegations... again but gotta wonder if they're just trying to cover their own tracks, you know? it's always weird how these massive data breaches seem to pop up every now and then and not much gets done about it. the fact that 90% of the stolen credentials are old accounts is pretty wild tho... i mean what's the point of even having a database for compromised passwords if most of them are just gonna be reused anyway? anyway, glad to hear google's got some security measures in place and all, but we should still be super careful with our passwords

I'm getting the heebie-jeebies just thinkin' about all this! 183 million users, man... that's a whole lotta people havin' their info out there in the wild. I mean, Google's got some serious security measures in place, but it's like they're tryin' to put Band-Aids on bullet holes or somethin'. What's really goin' on here? Are these databases just so big and complicated that nobody can keep track of what's new and what's old?

I remember when you could actually keep your passwords secret, you know? Nowadays it's like they're just throwin' a bone to the hackers, sayin' "Hey, we've got all this info on you, but good luck gettin' past our defenses!" Give me a break! Can't we just have one day without these breaches, ya know?

I'm so over these constant data breach claims . I mean, come on Google, how many times do you need to deny something before people start believing it? 183 million users, that's a whole lotta credentials . If it were me, I'd be like "ok, maybe there was a breach" . And what's with the infostealer databases, sounds like some fancy tech speak to me .

And let's be real, we all know that 90% of those stolen credentials have been seen before . So if Google is telling us that only a small percentage are new victims, I'm calling BS . They're just trying to save face and keep the narrative going . But honestly, who can trust them anymore?

Ugh, I'm so done with these data breach announcements . Google's always like "oh no, our database has been hacked!" but it's never actually a big deal. Like, 90% of the stolen credentials are old news . And now they're claiming that the reports of a massive breach were just a misunderstanding? Come on Google, don't try to spin this one .

I mean, I get that you want to keep us informed about potential breaches, but your solutions always seem like a hassle. 2-step verification and passkeys are great and all, but who has time for that? And let's be real, most people just use the same password for every site anyway .

It's like you guys are trying to make us feel safe by making us jump through hoops. Can't you just give us a heads up when our account is actually compromised instead of just saying "oh no, we have some old credentials in our database"?

This is getting crazy ... another massive data breach at Google! 183 million users, that's like a small country . I'm not surprised though, passwords are like digital lottery tickets - anyone can get 'won' by a hacker. Google says the accounts aren't fresh victims, but it's hard to trust them right now . Have I Been Pwned is just saying that 90% of those stolen credentials were already out there... what does that even mean? It sounds like they're just trying to spin this as not being a major deal .

I'm all for Google's efforts on password security, but it feels like they're playing catch-up here. Why did we need another warning about passwords and 2-step verification? Can't they just make their systems more secure from the start? It's like they're letting users be the test subjects .

Anyway, I guess this is a reminder to us all to stay vigilant online... keep those passwords safe !

I'm getting so fed up with Google's "it wasn't our fault" vibe every time there's a data breach news. Like, what even is going on here? They're just adding new victims to this massive database of compromised passwords and then tell us that it's not a security breach but some misunderstanding about infostealer databases . I mean, we all know how those work, right?

And can they please just be honest for once? Like, if they've got 183 million user credentials exposed, shouldn't they own up to it and apologize instead of trying to spin the narrative ? It's always about "user protection" and "we're doing our best" but what about taking responsibility when you screw up?

I'm getting so fed up with Google's responses to these massive data breaches . I mean, 183 million users and they're still claiming it's all good? Like, what's going on over there? They're basically saying that the people whose info got stolen are actually new victims, but like, no one believes them anymore .

And Troy Hunt is like, totally right about this . I mean, 90% of those credentials have been seen before, so it's clear that only a small percentage of accounts are actual new victims . But still, Google's response is like, "oh no, we're fine, don't worry about it" . It's like, come on Google, own up to it and tell us what's really going on .

I'm not surprised they're still pushing the 2-step verification and password reset thingy though . I mean, that's just basic security best practice at this point . But seriously, can't they just be honest with us for once?

I don't like hearing about these big data breaches . I mean, I know passwords aren't super secure or anything, but 183 million people? That's just crazy! How do they even keep track of all those accounts? And what's up with the databases that compile all this info? Sounds like a mess to me . But at the same time, I guess it's good that Google is trying to warn us about potential breaches and stuff. Maybe we should just be more careful with our passwords, you know?

Ugh, I'm so frustrated with Google right now ! They're always denying these massive data breaches, but it's getting harder to believe them. I mean, 183 million users? That's a lot of people affected. And then they try to spin it by saying that only a small percentage of accounts are new victims... yeah, sure .

I think Google needs to be more transparent about what's going on. We shouldn't have to rely on third-party services like Have I Been Pwned to figure out if our info has been compromised. And what's with the inconsistent messaging? They're always talking about how strong their defenses are, but then they get caught in a breach and suddenly it's not that big of a deal.

I'm all for password security, but Google needs to step up its game. We need more than just a 2-step verification option to keep us safe. It's time for them to take responsibility for keeping our data secure .

Yooo, this is getting crazy ! 183 million users affected, that's a huge number. I'm not surprised though, cybersecurity is like a cat-and-mouse game, these hackers just keep coming back . Google's response seems legit but I need more info, how do we know the credentials aren't still compromised? It's good to see them using those infostealer databases to warn users tho, it's better than nothing . Still, 90% of stolen credentials have been seen before... that's some crazy stats .

my heart goes out to all those people whose info got leaked this is just so frustrating... i mean, can't we trust our email providers anymore? google is trying its best to reassure us that their security measures are strong, but it's hard not to feel a little paranoid when you hear about millions of credentials being exposed 16.4 million addresses showing up for the first time is just wild... i hope people take this as an opportunity to update their passwords and 2-step verification ASAP

The notion that Google is attempting to downplay the severity of the alleged data breach, by classifying the compromised accounts as "recent additions" to their database, does raise some eyebrows. This raises questions about the efficacy of their security measures and whether they're merely trying to deflect criticism.

It's also intriguing to note that only a small percentage of the stolen credentials are deemed new victims, suggesting that Google's defenses may be more effective than initially thought. However, one can't help but wonder if this is merely a case of damage control, rather than an honest assessment of their security protocols.

Overall, it seems that Google is taking the high road by emphasizing password security and encouraging users to take proactive measures to protect themselves. While this approach may be admirable in theory, it's unclear whether it's enough to alleviate concerns about the breach...

I'm not surprised Google is denying this breach again, it seems like they're using the infostealer database thing as a way to spin it . If 90% of those credentials have been seen before and only a small percentage are new victims, does that really sound like a massive breach? I think Google's response is a good example of how these companies try to downplay the issue by putting it into perspective - yeah, we've got your back, but you're also kinda in charge of your own password security . Troy Hunt's data breach search engine seems like a great resource for people, though

Data is such a weird thing ... on one hand, I get why Google would be tight-lipped about this - they're just trying to maintain their integrity in the eyes of their users, you know? And it's not like they're entirely wrong either, most of those credentials were probably already out there floating around. But at the same time, can we really trust that all of these 'recent additions' are actually legit? What if Google is just too slow to react or something? And I mean, 183 million users is a pretty big number... what's the point of having such a massive database if it's not going to be transparent about when things go down?

another "breach" alert , Google's latest dance move . 183 million users, huh? that's like a whole country's worth of people... I mean, if they're all just using the same password (again), congratulations on being part of the club, guys! . Meanwhile, Google is all "don't worry, our defenses are strong" , but it seems like they've been playing whack-a-mole with these breaches for years... . Can we just get a password manager that actually works?

Just another big breach , I mean what's new right? 183 million accounts affected, that's like half the population ! Google's trying to spin it by saying it's not a fresh attack, just old stolen passwords being added to their database . But honestly, how many times can you keep getting breached before you fix the problem?

I'm so over these massive data breaches and how they always seem to target our email accounts . Can't we just have one secure account for once? Google's been doing this for years, but still no real solution in sight .

Troy Hunt says 90% of the stolen credentials are repeat offenders , so maybe the problem isn't the breaches themselves, but our own habits . Turn on 2-step verification, use passkeys, reset passwords... yeah right we all know how hard that is to do consistently .

I'm not buying Google's "our defenses are strong" talk. They need to step up their game and actually fix these breaches for good . Until then, I'll be keeping my passwords in a safe place... or at least, trying to

Another major breach at Google . I mean, what's up with these guys? First it was 500 million passwords exposed in 2022 and now this... 183 million users compromised. Like, come on! They're basically saying "oh no, these accounts aren't new victims, they just joined our database of bad guys". And who knows how old those credentials are anyway? 90% have been seen before, so probably some dude had those same email and password combo back in '07. Anyway, it's always good to remember to use a strong passkey (wink) and turn on that extra layer of security.

Ugh I'm getting so tired of these massive data breaches happening all the time! 183 million accounts are at risk? Like, how do you even get that many passwords out there for hackers to grab?! And now Google's saying it's not a breach, but just a bunch of old credentials being added to their database... sounds like a cover-up to me . I know they want us to stay safe online and all, but come on, can't we trust them to do the right thing?

People often believe everything they read on the internet, but it seems like Google is just setting a new record for most false alarms . The more we learn about data breach reporting, the more we realize how complicated and confusing it all can be . As Steve Jobs once said, "Innovation distinguishes between a leader and a follower."