Warning for all Gmail and Outlook users after BILLIONS of passwords hacked

ALL internet users have been warned over dangerous “credential stuffing” hacks over Christmas.

Cyber-experts have warned of a holiday rise in the attacks – which use leaked passwords to break into your accounts.

You can use HaveIBeenPwned's online tool to check if you've been caught up in a data breach

You can use HaveIBeenPwned’s online tool to check if you’ve been caught up in a data breachCredit: HaveIBeenPwned

When websites leak or are hacked, huge file dumps containing passwords are uploaded online.

Hackers then try these passwords on your other accounts – or other users.

They hope that you’ve re-used your passwords, or have chosen simple and commonly adopted logins.

This gives hackers easy access to your online accounts without having to directly compromise your system.

If hackers can gain access to your Gmail or Outlook with this technique, they could then break into even more accounts.

Cyber-experts at Arkose Labs have warned that there were over 2billion “credential stuffing” attacks during the last year.

Most read in News Tech

Your iPhone has SECRET iMessage codes that unlock hidden features

TAP IN

Your iPhone has SECRET iMessage codes that unlock hidden features

And they said that the scale of attacks grew exponentially in recent months – and could peak over Christmas.

Hackers can steal and use your private info, resell it, drain your bank accounts and wreak havoc across your online life.

And there’s an increasing pool of leaked passwords to choose from.

Just days ago, we revealed how a whopping 5.5billion passwords had been hacked – and then logged through HaveIBeenPwned.

The news came after site creator and Microsoft exec Troy Hunt revealed that 225million breached logins had been added to the site.

How to stay safe this Christmas

You can use HaveIBeenPwned to check your own email to see if you’ve been caught up in any leaks.

But remember: even if your email hasn’t been breached, you may be using a simple password that has leaked from someone else.

This could also get you hacked.

And you should consider using a password manager – like Apple’s iCloud Keychain or Google Chrome – to generate strong passwords and be warned of re-used logins.

There’s obviously a huge risk for anyone whose username and passwords from different sites have been hacked.

It’s important to immediately change your log-in details to stay safe.

But even passwords uploaded online without associated usernames can put you at risk.

If you use a very simple password, it’s likely someone else does too – and they may have been hacked themselves.

Hackers buy huge lists of these compromised passwords from lots of different sites because people often re-use them.

So hackers are much more likely to gain access to an account by forcing a long list of “known” hacked passwords than trying random letters or numbers.

Best Phone and Gadget tips and hacks

Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…

Woman shares hilarious Gmail blunder that could get you in trouble

In other news, Google Chrome users have been urged to delete their browser.

Facebook recently rebranded to Meta.

Check out the best iPhone 13 deals in October 2021.

And take a look at your hidden Facebook rejection folder.


We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at tech@the-sun.co.uk