Google Warns Gmail Users: Change Your Old Passwords Now After Major Data Breach
Share this article:
Google has issued a warning to its 2.5 billion Gmail users about a serious security threat that could put their accounts at risk. The company recently confirmed a data breach linked to a third-party Salesforce system, exposing nearly all Gmail accounts to danger.
The breach, which occurred in June, has sparked concerns about cybercriminals using advanced phishing campaigns to target users on a massive scale. In a blog post, Google admitted the breach is wider than initially believed, affecting not just Salesforce Drift but other integrations as well.
Google Threat Intelligence identified the culprit as UNC6395, a group that scanned customer support tickets, messages, and even accessed sensitive details such as AWS access keys, Snowflake tokens, and passwords-potentially opening doors to further account takeovers.
According to Forbes, Google has urged Gmail users to change their passwords immediately to reduce the risk of unauthorized access. The company also strongly recommends enabling two-factor authentication and adopting passkeys for stronger protection.
Google has clarified that no passwords were directly compromised in the recent breach, but warned that users of Gmail and Google Cloud are now at higher risk of phishing attacks. Threat actors are reportedly impersonating Google employees, contacting users via calls and texts to trick them into resetting passwords or sharing login codes.
The attack has been linked to ShinyHunter, a hacking group tied to several major breaches in the past, including Microsoft, Ticketmaster, and AT&T. While much of the stolen data was already public, experts fear the group could launch a phishing website to exploit users further.
The Software Freedom Law Centre (SFLC) noted that “breach came through an integration of a third-party platform, highlighting the vulnerabilities we all have in our systems.” SFLC added that business platforms and ticketing services were also impacted, urging users to change their credentials and remain vigilant against identity theft.
If you’re a Gmail user, change your password now and strengthen your account security to stay safe from potential phishing traps.
The breach, which occurred in June, has sparked concerns about cybercriminals using advanced phishing campaigns to target users on a massive scale. In a blog post, Google admitted the breach is wider than initially believed, affecting not just Salesforce Drift but other integrations as well.
Google Threat Intelligence identified the culprit as UNC6395, a group that scanned customer support tickets, messages, and even accessed sensitive details such as AWS access keys, Snowflake tokens, and passwords-potentially opening doors to further account takeovers.
According to Forbes, Google has urged Gmail users to change their passwords immediately to reduce the risk of unauthorized access. The company also strongly recommends enabling two-factor authentication and adopting passkeys for stronger protection.
Google has clarified that no passwords were directly compromised in the recent breach, but warned that users of Gmail and Google Cloud are now at higher risk of phishing attacks. Threat actors are reportedly impersonating Google employees, contacting users via calls and texts to trick them into resetting passwords or sharing login codes.
The attack has been linked to ShinyHunter, a hacking group tied to several major breaches in the past, including Microsoft, Ticketmaster, and AT&T. While much of the stolen data was already public, experts fear the group could launch a phishing website to exploit users further.
The Software Freedom Law Centre (SFLC) noted that “breach came through an integration of a third-party platform, highlighting the vulnerabilities we all have in our systems.” SFLC added that business platforms and ticketing services were also impacted, urging users to change their credentials and remain vigilant against identity theft.
If you’re a Gmail user, change your password now and strengthen your account security to stay safe from potential phishing traps.
Next Story