Skip to main content

A Russian hacker has 272 million stolen Gmail, Yahoo, and Hotmail passwords

gmail early phishing detection inbox
Image used with permission by copyright holder
It may be time to update the password for your email. Usernames and passwords for more than 250 million stolen Yahoo Mail, Gmail, Hotmail, and other accounts are being swapped around in Russia’s criminal underworld, according to Reuters.

These stolen accounts were discovered by Hold Security, where researchers found a Russian hacker, dubbed as “the Collector,” bragging that he was ready to “give away” these credentials, which totaled 1.17 billion records. The security company eliminated duplicates, and found the total number of compromised accounts to be 272.3 million.

Recommended Videos

The largest amount of compromised credentials, 57 million, belong to Mail.ru users, which is Russia’s most popular email service. The email service has 64 million monthly active users, which means the breach affects most of the company’s userbase.

The rest break down to other popular email clients including Yahoo Mail, which reportedly has 40 million emails compromised; Microsoft Hotmail, with 33 million; and Gmail, with 24 million stolen credentials. Other credentials from email providers in Germany and China are also affected. It’s not clear if any of these accounts have actually been breached.

Many of the emails link to employees of some of the largest U.S. banking, manufacturing, and retail companies. Hold Security has been informing affected companies and organizations.

“This information is potent,” Alex Holden, founder and chief information security officer at Hold Security, told Reuters. “It is floating around in the underground and this person has shown he’s willing to give the data away to people who are nice to him. These credentials can be abused multiple times.”

The Russian hacker allegedly asked for 50 rubles, less than $1, for the data. But the security company received a copy after it agreed to post positive comments about the Russian in various hacker forums. The company didn’t pay for the stolen data, as it went against company policy.

“We are now checking whether any combinations of usernames/passwords match users’ e-mails and are still active,” a Mail.ru spokesperson told Reuters. “As soon as we have enough information, we will warn the users who might have been affected.”

The Russian email provider’s initial checks found no live combinations of user names and passwords that match existing emails.

Google moves quickly to rectify compromised accounts it detects, but cannot speak to specific incidents, according to the search giant. These “credential dumps,” like the one Google discovered in 2014, are an unfortunate reality.

“It’s important to note that in this case and in others, the leaked usernames and passwords were not the result of a breach of Google systems,” the company said in the 2014 blog post. “Often, these credentials are obtained through a combination of other sources. For instance, if you reuse the same username and password across websites, and one of those websites gets hacked, your credentials could be used to log into the others. Or attackers can use malware or phishing schemes to capture login credentials.”

These password dumps are a good reminder to set up a recovery phone number so the Mountain View company can quickly contact users in worst-case scenarios, according to Google.

A Microsoft spokesperson told Reuters that the company has security measures in place to detect compromised accounts, and requires additional information to verify the account owner.

Google told Digital Trends the company did not have a comment on the specific incident at the moment, and Microsoft and Yahoo have yet to respond. We will update this post when we hear back.

Julian Chokkattu
Former Digital Trends Contributor
Julian is the mobile and wearables editor at Digital Trends, covering smartphones, fitness trackers, smartwatches, and more…
GeForce Now introduces a 100-hour monthly playtime cap
nvidia geforce now ultimate halfway across country 1

Nvidia’s GeForce Now is undergoing significant changes. Its Priority membership has been rebranded as the "Performance" tier, bringing an enhanced gaming experience at the same price. Performance members can now stream games at up to 1440p resolution and in ultrawide formats, with settings saved across sessions. This upgrade aligns the Performance tier closer to Ultimate, the highest tier, which supports 4K streaming and high refresh rates through GeForce RTX 4080-powered servers.

One of the most notable changes coming in 2025 is the introduction of a 100-hour monthly playtime cap for both Performance and Ultimate members, aimed at managing Nvidia’s cloud infrastructure. Nvidia also mentions in its blog post that this limit will affect only a small percentage of its player base, with over 94% of users typically playing well within this timeframe. To offer flexibility, Nvidia will allow up to 15 unused hours to roll over to the following month. Users who reach their limit can purchase extra playtime, with additional 15-hour blocks available at $2.99 for Performance members and $5.99 for Ultimate members.

Read more
These AI features might actually make me use Paint and Notepad again
Windows 11 logo on a laptop.

Your everyday Windows apps are going to get a whole lot smarter. As Microsoft mentions in its Windows Insiders Blog, using the Windows 11 Paint and Notepad app will improve thanks to new AI features that the tech giant is adding to make it more helpful for users. It's still in early testing, and there is no official information about when or if it'll roll out to all users.

For starters, the Notepad app for Windows 11, after getting an update that added autocorrect and spellcheck, is now getting a new Rewrite ability that helps you rewrite highlighted text following any instructions you add.

Read more
Best Samsung Galaxy deals: S24, Buds, Watches and more
The Galaxy Z Fold 4's Cover Screen.

Samsung’s Galaxy lineup is one of the more popular tech lineups on the market. Among it you’ll find some of the best headphone deals, best smartwatch deals, best tablet deals, and best phone deals available. Whatever piece of tech you may have your eye on Samsung likely has within the Galaxy lineup. These devices also see pretty significant discounts pretty regularly, so we thought we’d round up all of the best Samsung Galaxy deals to make finding the right Samsung Galaxy model for you more convenient. Read onward for all of the details on how to save, and if you’d like to shop more specifically within the Galaxy lineup you can start with Samsung Galaxy Z Flip 5 deals, Samsung Galaxy Z Fold 5 deals, Samsung Galaxy Buds deals, or Samsung tablet deals.
Samsung Galaxy Buds Pro 2 — $107 $199 46% off

The Galaxy Buds 2 Pro are the high-end model of Samsung’s Galaxy Buds earbuds. They make great competition for the best wireless earbuds even if they don’t make everyone’s list, and with their Intelligent Active Noise-Cancelation technology they compare well with the best noise-canceling headphones. The Galaxy Buds 2 Pro produce high quality audio whether you’re listening to music, watching movies, or talking on the phone, and they pair easily with any Bluetooth device.

Read more