This is not a breach of 183 million Gmail account passwords. This is a collection of credentials, largely stolen by infostealer malware and circulating among cyber criminals, which was collected by a security researcher and passed on to Have I Been Pwned. Over 90% of the data has already been seen in previous releases.

Adding the details of website URLs, email addresses and passwords to the Have I Been Pwned database, owner Troy Hunt said the data consisted of both “stealer logs and credential stuffing lists” including confirmed Gmail login credentials.

The “confirmed Gmail login” bit comes from contacting one of the victims at random to verify the data and he confirmed the password was his Gmail password. It doesn’t appear to be a Gmail breach, just the results of credential stealing happened to include some people logging into Gmail.

Edit: Perhaps a more useful link is the original blog post from Have I Been Pwned’s Troy Hunt.

The good news is that the Google leak didn’t show up when I checked myself on haveibeenpwnd.

The bad news is a bunch of other leaks showed up I did not know about…

Not concerned, if it were plaintext or decryptable we'd be hearing about it much more loudly.

Use unique passwords, use 2 factor.