A sweeping cybersecurity breach has reportedly exposed the passwords and personal data of more than 183 million Gmail users, prompting renewed warnings for Americans to strengthen their online security, Daily Express reports.

Experts say the leak — amounting to roughly 3.5 terabytes of stolen data — originated from multiple sources and includes email addresses, passwords, and the websites where those credentials were used.

The compromised information has since appeared on the Have I Been Pwned database, which tracks major data exposures.

According to cybersecurity researcher Troy Hunt, the incident stems from widespread infostealer activity — malware that collects user credentials from infected devices.

“All the major providers are represented,” Hunt said, “but Gmail accounts appear most frequently.”

The breach follows a string of cyber-theft reports and comes only months after Google warned users about sophisticated AI-driven scams targeting Gmail accounts.

A Google spokesperson said while the stolen data did not originate from Google’s own systems, users should take precautionary steps.

“This report covers broad infostealer activity that targets many types of web services,” the spokesperson said. “To stay protected, users should enable two-step verification and consider switching to passkeys, a simpler and stronger alternative to passwords.”

Google also recommends checking the Account Activity page for unfamiliar logins and using the Account Recovery tool if access has been compromised. The company said it routinely resets passwords connected to large credential leaks to help limit further damage.

Cybersecurity analysts warn that anyone potentially affected should immediately update their passwords across all platforms and enable multifactor authentication to reduce the risk of identity theft.