Google has issued a sweeping security warning to billions of Gmail users, strongly advising them to reset their passwords immediately.
The call comes in the wake of a recent data breach tied to one of Google's corporate Salesforce instances, which exposed contact information for business customers and raises the risk of targeted phishing and social engineering against the people in that data.
What Happened?
The intrusion is attributed to the cluster Google tracks as UNC6040, which overlaps with the ShinyHunters extortion persona. The group relies on voice phishing: operators call employees while impersonating IT support staff and talk them into authorizing a malicious Salesforce connected app, then use that app to export data.
Google has characterized what was taken as basic and largely public business information, such as business names and contact details. Even without any passwords in the dump, that is exactly what an attacker needs to make follow-on phishing and vishing attempts convincing, and that is what puts accounts at risk.
Google suspects the hackers may escalate their tactics, potentially launching a data leak site to pressure victims into paying up.
How Big Is the Risk?
The scale is what makes the warning unusual: the 2.5 billion figure being reported is roughly Gmail's total user base, so it reflects how many people are exposed to follow-on phishing, not a count of accounts known to be compromised.
Common Attacks Now in Play
- Phishing & Vishing: Attackers masquerade as Google support through fake sign-in pages or phone calls, sometimes from numbers in the 650 area code (Mountain View, where Google is headquartered) to make the caller look plausible. Caller ID is trivially spoofed, so a 650 number proves nothing; the goal of the call is to get the victim to read out a password, a 2FA code, or an account-recovery code.
- Credential Theft: Nearly 37% of phishing attempts are reported to use adversary-in-the-middle kits that relay the victim's password and one-time code to the real sign-in page in real time. Because an SMS or authenticator-app code is the same no matter which site it is typed into, these kits defeat both.
What Google Recommends — Now
- Change Your Gmail Password Right Away — especially if it is weak or reused on other services; a password manager makes a long, unique one easy to keep.
- Enable Two-Factor Authentication (2FA) — any second factor beats none, but SMS is the weakest option (SIM swaps, real-time relay); prefer an authenticator app or, better, a hardware security key.
- Switch to Passkeys — a passkey is bound to the site it was registered for, so a lookalike domain cannot obtain a usable login from it; the fingerprint or Face ID prompt only unlocks the passkey on your device and is not what makes it phishing-resistant.
- Run Google's Security Checkup — at https://myaccount.google.com/security-checkup review recovery options, signed-in devices, third-party apps with account access, and recent sign-in activity.
- Be Wary of Impersonations — Google does not cold-call users about breaches or ask for passwords or codes. If someone does, hang up, ignore links in unexpected messages, and check your account by typing https://myaccount.google.com into the browser yourself.
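Both the "bypass even two-factor authentication" claim and the passkey recommendation above come down to one property: whether the second factor is tied to the site the user is actually on. The simulation below is an added example written for this page, not code from Google or the original article. It runs an adversary-in-the-middle phishing proxy against a TOTP code (RFC 6238) and then against a passkey-style assertion. The origins, relying-party ID and keys are constructed for the demo, the HMAC "signature" stands in for WebAuthn's real ECDSA/EdDSA signature, and the `enforce_rp_id` switch is a demo-only knob that shows what the server check catches if the browser's check were somehow skipped.

```python
"""Why a relayed one-time code gets through but a passkey does not.

Added example, not from Google or the original article. Simulates an
adversary-in-the-middle phishing proxy against two second factors:
  1. a TOTP code (RFC 6238), which is origin-agnostic and relays cleanly;
  2. a passkey-style assertion, where the browser's rpId check and the
     server's origin check (both covered by the signature) stop the relay.
The HMAC "signature" is a stand-in for WebAuthn's ECDSA/EdDSA signature;
origins, rpId, keys and the enforce_rp_id switch are constructed for the demo.
"""
import hashlib
import hmac
import json
import struct

RP_ID = "google.com"                               # relying-party ID the passkey is bound to
ALLOWED_ORIGINS = {"https://accounts.google.com"}  # origins the server accepts assertions from
LEGIT_ORIGIN = "https://accounts.google.com"
PHISH_ORIGIN = "https://accounts-google.com-signin.example"  # constructed lookalike domain


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1. The code depends only on secret and time,
    never on which website the user types it into."""
    counter = struct.pack(">Q", unix_time // step)
    digest = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % (10 ** digits):0{digits}d}"


def otp_relay_attack(secret: bytes, now: int) -> bool:
    """Victim enters their code on the phishing page; the proxy forwards it to the
    real server inside the same 30-second window. True means the server accepted it."""
    code_from_victims_phone = totp(secret, now)
    relayed_code = code_from_victims_phone          # proxy forwards it verbatim
    return hmac.compare_digest(relayed_code, totp(secret, now))


def _host(origin: str) -> str:
    return origin.split("://", 1)[1].split("/", 1)[0].split(":", 1)[0]


def browser_get_assertion(page_origin: str, rp_id: str, cred_key: bytes,
                          challenge: bytes, enforce_rp_id: bool = True) -> dict:
    """Models navigator.credentials.get(). The browser only proceeds if rp_id is the
    page's host or a registrable suffix of it; the signed data then embeds the
    page origin, so the page cannot lie about where the assertion was made."""
    host = _host(page_origin)
    if enforce_rp_id and not (host == rp_id or host.endswith("." + rp_id)):
        raise PermissionError(f"rpId {rp_id!r} is not valid for origin {page_origin!r}")
    client_data = json.dumps({"type": "webauthn.get", "challenge": challenge.hex(),
                              "origin": page_origin}, sort_keys=True).encode()
    auth_data = hashlib.sha256(rp_id.encode()).digest() + b"\x01"   # rpIdHash || flags (UP)
    signed = auth_data + hashlib.sha256(client_data).digest()
    sig = hmac.new(cred_key, signed, hashlib.sha256).digest()        # stand-in for ECDSA
    return {"clientDataJSON": client_data, "authenticatorData": auth_data, "signature": sig}


def server_verify_assertion(assertion: dict, cred_key: bytes, challenge: bytes) -> bool:
    """Relying-party checks: challenge freshness, origin allow-list, rpIdHash, signature."""
    client = json.loads(assertion["clientDataJSON"])
    if client.get("type") != "webauthn.get" or client.get("challenge") != challenge.hex():
        return False
    if client.get("origin") not in ALLOWED_ORIGINS:
        return False
    if assertion["authenticatorData"][:32] != hashlib.sha256(RP_ID.encode()).digest():
        return False
    signed = assertion["authenticatorData"] + hashlib.sha256(assertion["clientDataJSON"]).digest()
    expected = hmac.new(cred_key, signed, hashlib.sha256).digest()
    return hmac.compare_digest(expected, assertion["signature"])


def passkey_relay_attack(cred_key: bytes, challenge: bytes, phish_origin: str,
                         enforce_rp_id: bool = True) -> str:
    """Phishing page relays the real server's challenge to the victim's browser and
    forwards whatever comes back. Returns which layer stopped it (or 'accepted')."""
    try:
        assertion = browser_get_assertion(phish_origin, RP_ID, cred_key, challenge, enforce_rp_id)
    except PermissionError:
        return "blocked_by_browser"
    # Rewriting clientDataJSON.origin would invalidate the signature, so the proxy
    # can only forward the assertion as-is, with the phishing origin inside it.
    return "accepted" if server_verify_assertion(assertion, cred_key, challenge) else "rejected_by_server"


if __name__ == "__main__":
    secret, now = b"12345678901234567890", 1_700_000_000
    key, challenge = b"\x42" * 32, b"\x01" * 32
    print("OTP relayed through phishing proxy accepted:", otp_relay_attack(secret, now))
    legit = browser_get_assertion(LEGIT_ORIGIN, RP_ID, key, challenge)
    print("Passkey on real site accepted:", server_verify_assertion(legit, key, challenge))
    print("Passkey via phishing page:", passkey_relay_attack(key, challenge, PHISH_ORIGIN))
    print("...even if browser skipped rpId check:",
          passkey_relay_attack(key, challenge, PHISH_ORIGIN, enforce_rp_id=False))
```

The relayed TOTP is accepted because nothing in a six-digit code says where it was typed. The passkey fails at two independent layers: the browser refuses to use a credential bound to `google.com` on a host that is not under that domain, and even a browser that skipped that check would hand the proxy an assertion whose signed `clientDataJSON` names the phishing origin, which the real server rejects. A hardware security key using the same WebAuthn flow gives the same result, which is why it is the stronger choice over SMS or app codes.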