Gmail users across the globe have been warned to take immediate action after a massive Google security breach left 2.5 billion accounts exposed to criminals. Google's database was breached by hackers, exposing 2.5 billion Gmail users to scams, as per The US Sun.
Scammers are using stolen data to impersonate Google workers via fake phone calls and emails and in light of the cybercrime, Gmail users have been put at risk. The cyber raid, linked to Google’s use of Salesforce’s cloud platform, happened in June when hackers tricked a staff member into giving away login details.
The breach has sent shockwaves across the UK as cybercriminals are already using the stolen information to impersonate Google workers. The notorious hacking gang ShinyHunters managed to steal vast files packed with company names and customer contact details.
Though Google maintains the passwords were not taken but experts warn fraudsters don’t need them to wreak havoc.
ALSO READ: Planning to attend US Open 2025? Check full schedule, ticket prices and other key details
The breach affected basic, publicly available business information, such as contact details and notes from small and medium-sized companies. However, Google emphasizes that customer data from Google Cloud or consumer products like Gmail, Drive, or Calendar was not compromised.
Users on social media claim the scammers are even ringing from numbers with the US 650 area code, tricking people into thinking the calls are genuine.
ALSO READ: $1,702 stimulus payment next date revealed: What requirements you must meet to claim the August 2025 deposit
The breach has triggered a surge in phishing and vishing scams, as cybercriminals exploit the fallout to steal sensitive data. Posing as Google representatives, scammers are contacting victims with fake security alerts, urging them to reset their Gmail passwords—only to hijack the accounts once the credentials are handed over. Those who fall for it end up locked out of their own Gmail accounts. Others lose access to sensitive files, photos and personal information.
In August, Google admitted that the attack took place but did not reveal the figures. Spokesman Mark Karayan declined to comment further on the matter, and it is not clear whether the company faced a ransom demand.
ShinyHunters, the group behind the breach, is known for targeting some of the biggest firms in the world. They specialise in raiding cloud-based databases and selling stolen information online.
ALSO READ: Roblox Grow a Garden admin war update countdown and release date revealed. Check details
"There's a huge increase in the hacking group trying to gain leverage on this. "There's a lot of vishing - people calling, pretending to be from Google, text messages coming through in order to get people to log in, or get codes to log in. "If you do get a text message or a voice message from Google, don't trust it's from Google. Nine times out of 10, it's likely not," James Knight told the Sun.
He added: "First thing, ensure multi-factor authentication is set. Second thing, make sure you've got a really strong password that's unique on that account." night also urged Gmail users to complete a Google Security Checkup, a free tool that highlights weak spots in accounts.
He recommended using “passkeys”, a newer way to verify identity that is harder for hackers to bypass.
ALSO READ: KingCobraJFS’s net worth: How a musician battled Alcoholism, Asperger’s syndrome and still made millions
Block downloads of potentially harmful files.
Restrict non-Google apps from accessing Gmail data.
Use passkeys instead of passwords for stronger protection against hacking and phishing attempts.
Be cautious: Be skeptical of anyone claiming to be support staff who cannot verify their identity.
Scammers are using stolen data to impersonate Google workers via fake phone calls and emails and in light of the cybercrime, Gmail users have been put at risk. The cyber raid, linked to Google’s use of Salesforce’s cloud platform, happened in June when hackers tricked a staff member into giving away login details.
The breach has sent shockwaves across the UK as cybercriminals are already using the stolen information to impersonate Google workers. The notorious hacking gang ShinyHunters managed to steal vast files packed with company names and customer contact details.
Though Google maintains the passwords were not taken but experts warn fraudsters don’t need them to wreak havoc.
ALSO READ: Planning to attend US Open 2025? Check full schedule, ticket prices and other key details
How are the Gmail victims being harassed?
Reports suggest victims are being bombarded with fake phone calls, dodgy emails and text messages urging them to hand over login codes or reset their passwords. Google recently confirmed that hackers accessed one of its corporate Salesforce instances, potentially exposing 2.5 billion Gmail users to scams.The breach affected basic, publicly available business information, such as contact details and notes from small and medium-sized companies. However, Google emphasizes that customer data from Google Cloud or consumer products like Gmail, Drive, or Calendar was not compromised.
Users on social media claim the scammers are even ringing from numbers with the US 650 area code, tricking people into thinking the calls are genuine.
ALSO READ: $1,702 stimulus payment next date revealed: What requirements you must meet to claim the August 2025 deposit
The breach has triggered a surge in phishing and vishing scams, as cybercriminals exploit the fallout to steal sensitive data. Posing as Google representatives, scammers are contacting victims with fake security alerts, urging them to reset their Gmail passwords—only to hijack the accounts once the credentials are handed over. Those who fall for it end up locked out of their own Gmail accounts. Others lose access to sensitive files, photos and personal information.
In August, Google admitted that the attack took place but did not reveal the figures. Spokesman Mark Karayan declined to comment further on the matter, and it is not clear whether the company faced a ransom demand.
ShinyHunters, the group behind the breach, is known for targeting some of the biggest firms in the world. They specialise in raiding cloud-based databases and selling stolen information online.
What should you do?
Cybersecurity expert James Knight advised Gmail users to update weak passwords, turn on multi-factor authentication, and be cautious of phishing and fake calls. Users should also check login settings and complete the Google Security Checkup to protect their accounts.ALSO READ: Roblox Grow a Garden admin war update countdown and release date revealed. Check details
"There's a huge increase in the hacking group trying to gain leverage on this. "There's a lot of vishing - people calling, pretending to be from Google, text messages coming through in order to get people to log in, or get codes to log in. "If you do get a text message or a voice message from Google, don't trust it's from Google. Nine times out of 10, it's likely not," James Knight told the Sun.
He added: "First thing, ensure multi-factor authentication is set. Second thing, make sure you've got a really strong password that's unique on that account." night also urged Gmail users to complete a Google Security Checkup, a free tool that highlights weak spots in accounts.
He recommended using “passkeys”, a newer way to verify identity that is harder for hackers to bypass.
ALSO READ: KingCobraJFS’s net worth: How a musician battled Alcoholism, Asperger’s syndrome and still made millions
How can you protect yourself?
You should use Google’s Security Checkup to automatically detect vulnerabilities and receive account security recommendations. Also, activate Google’s Advanced Protection Program to:Block downloads of potentially harmful files.
Restrict non-Google apps from accessing Gmail data.
Use passkeys instead of passwords for stronger protection against hacking and phishing attempts.
Be cautious: Be skeptical of anyone claiming to be support staff who cannot verify their identity.
(Catch all the Business News, Breaking News, Budget 2025 Events and Latest News Updates on The Economic Times.)
Subscribe to The Economic Times Prime and read the ET ePaper online.
Read More News on
(Catch all the Business News, Breaking News, Budget 2025 Events and Latest News Updates on The Economic Times.)
Subscribe to The Economic Times Prime and read the ET ePaper online.
ETPrime Membership
