A massive leak has exposed more than 183 million email passwords, including tens of millions linked to Gmail accounts, in what cybersecurity analysts are calling one of the biggest credential dumps ever uncovered.

The stolen trove containing 3.5 terabytes of data surfaced online this month, according to Troy Hunt, the Australian security researcher who runs the breach-notification site Have I Been Pwned.

Hunt stated that the information originated from a yearlong sweep of “infostealer” platforms — malware networks that secretly siphon usernames, passwords and website addresses from infected devices.

The data consists of both “stealer logs and credential stuffing lists,” Hunt wrote in a blog post. 4

“Someone logging into Gmail ends up with their email address and password capture

See Full Page