Just a week after an AWS (AMZN) outage left millions of websites unresponsive, another major tech disruption has surfaced, this time involving a massive leak of Gmail passwords. Cybersecurity researchers disclosed that more than 183 million email passwords were stolen by malware and shared online. The leak includes millions of Gmail addresses, making it one of the largest credential exposures of 2025. However, Alphabet (GOOGL) (GOOG) said Gmail’s servers were not breached.
Elevate Your Investing Strategy:
- Take advantage of TipRanks Premium at 50% off! Unlock powerful investing tools, advanced data, and expert analyst insights to help you invest with confidence.
According to Google, the stolen passwords came from users’ infected devices rather than any system flaw. The exposed data appeared on the Have I Been Pwned website on October 21, following an investigation by cybersecurity firm Synthient. The firm tracked stolen credentials moving across dark web channels and social platforms. In total, the dataset spans about 3.5 terabytes and includes information from 23 billion records.
The reveal comes just before Alphabet is set to release its Q3 earnings report on Wednesday, October 29. Despite the news, GOOGL shares rose 3.60% on Monday, closing at $269.27.
Malware, Not a Gmail Breach
Google clarified that the issue stems from “infostealer” malware that secretly collects login details as users browse or log in to accounts. In most cases, these infections come from phishing emails, fake downloads, or unsafe browser extensions. Nearly 91% of the leaked data had already been exposed in earlier breaches, yet about 16.4 million email addresses were new to any public record.
This exposure highlights the surge in credential theft. Synthient said stolen credentials jumped more than 800% in the first half of 2025. In some cases, the firm recorded up to 600 million stolen passwords in a single day. The scale of this activity has increased the risk of password reuse among users who reuse the same credentials across websites and financial accounts.
What Users Can Do
Google advised users to activate two-step verification or switch to passkeys for stronger protection. It also recommended visiting Have I Been Pwned to see if an email address was included in the breach. Changing passwords and removing unused extensions can reduce exposure.
While the event has no direct impact on Alphabet’s financial outlook, it renews attention on digital safety practices. For investors and consumers alike, the breach serves as another reminder that cybersecurity remains a key part of online trust and market stability.
Is GOOGL Stock a Buy?
Despite the recent cyber turbulence, Alphabet continues to boast a Strong Buy consensus. The average GOOGL stock price target is $267.53, implying a 0.65% downside from the current price.
