Google confirms one of the biggest data breaches for Gmail users — protect your account NOW

By Taylor Bushey


Published: 25/08/2025 - 09:37

Updated: 25/08/2025 - 11:54


As many as 2.5 billion users have been affected

  • Google confirms one of the biggest data breaches for Gmail users
  • Hacking group ShinyHunters has managed to access a Google database
  • Cybercriminals disguised themselves as Google employees
  • They used this disguise to trick users and lock them out of their accounts
  • As many as 2.5 billion users worldwide have been affected

If you have a Gmail account — you'll want to change your password now. As many as 2.5 billion users had their contact information exposed in a massive data breach this past June.

The hacking group ShinyHunters managed to access a Google database by deceiving one of its employees into revealing login credentials for a system hosted on Salesforce's cloud platform. Crooks working at ShinyHunters stole a bucketload of files with company names and contact details.


If you're impacted by the hack, your email address and contact details could be in the hands of criminals who are actively using this information to target you. Think of it as thieves having your home address and phone number – they can't get inside yet, but they know exactly where to find you.

The breach has triggered an avalanche of scam attempts, with fraudsters impersonating Google staff through phone calls and emails to trick you into surrendering your account access.



So, why are so many finding out about this now?

Google didn't confirm the incident until August 5, and started to notify affected customers on August 8.

The breach occurred when ShinyHunters manipulated a Google employee through social engineering, essentially tricking them into sharing their login credentials. It's similar to someone pretending to be your bank on the phone and convincing you to reveal your PIN.

The criminals gained access to business files containing company names and customer contact information stored in Google's Salesforce database. While Google has confirmed that no passwords were stolen during the incident, the information they did obtain is still valuable to scammers.

Your email address and associated details are now part of a massive list being circulated among cybercriminals. They're using this data to craft convincing impersonation attempts, knowing exactly which email addresses are genuine Gmail accounts and potentially linking them to other personal information.

The criminals are now bombarding you with fake calls, particularly from 650 area code numbers, attempting to convince you to reset your Gmail password. If you fall for these schemes, you'll find yourself locked out of your account or discover your private files have been stolen.


Cybersecurity expert James Knight told The Sun, "There's a huge increase in the hacking group trying to gain leverage on this. There's a lot of vishing – people calling, pretending to be from Google, text messages coming through in order to get people to log in, or get codes to log in."

He emphasised: "If you do get a text message or a voice message from Google, don't trust it's from Google. Nine times out of 10, it's likely not."

Some hackers are taking a more direct approach, attempting to break into accounts by testing common passwords, such as "password," against the stolen email addresses.

Knight has outlined essential steps you need to take immediately to protect your account. "First thing, ensure multi-factor authentication is set. Second thing, make sure you've got a really strong password that's unique on that account," he advised.

Multi-factor authentication creates an additional security barrier by requiring a code sent to your phone or email before allowing login. It's like having a double lock on your door - even if someone has your key, they can't get in without the second verification.

Knight also recommends switching to passkeys, a cutting-edge security feature that uses your fingerprint or face recognition instead of passwords. "Third thing, do the Google security checkup. That's a key thing as well, so they can identify the weakest points in their accounts," he added.


Beyond the direct scam attempts, criminals are employing sophisticated tactics like the "dangling bucket" method. This involves infiltrating Google Cloud accounts through forgotten or outdated access points - imagine leaving a spare key under your doormat that you've forgotten about.

If you're unfamiliar with Google Cloud, it's a suite of services from Google that provides computing resources, data storage, machine learning tools, and other infrastructure for developers and businesses to build, run, and scale applications.

Knight revealed his surprise at Google's vulnerability: "Google puts a lot of money into their security, and they even purchased a security company many years ago, so it's surprising that they left this one open, and the hackers gained access to the Salesforce database environment."

ShinyHunters has built a reputation for targeting major corporations and their cloud-based systems, making this attack part of a broader pattern of high-profile breaches.
