Google Issues Emergency Warning to 2.5 Billion Gmail Users After Major Data Breach Threat
August 29, 2025 - In an unprecedented alert issued today, Google has sounded the alarm for approximately 2.5 billion Gmail users worldwide, urging them to take immediate steps to secure their accounts following a large-scale data breach tied to a third-party cloud platform.
According to Google’s Threat Analysis Group (TAG), the hacking collective known as ShinyHunters exploited credentials obtained from a recent Salesforce breach to launch sophisticated phishing and vishing campaigns against Gmail users. While Google emphasizes that its own systems remain secure, the stolen data-primarily business names and contact lists-has been weaponized to craft deceptive sign-in pages and phone calls that impersonate Google support staff.
“Although the compromised information was basic and largely publicly available, threat actors are leveraging it to intensify social engineering attacks,” TAG reported. The group warned that ShinyHunters may soon deploy a dedicated data leak site to pressure victims into compliance.
Timeline of Events
- June 2025: Google detects initial signs of unauthorized access attempts tied to ShinyHunters activity against its Salesforce instance.
- August 8, 2025: Google notifies all identified users via email about potential account compromise.
- August 29, 2025: Emergency warning issued to 2.5 billion Gmail users globally.
Recommended Actions for Gmail Users
Google has advised users to:
- Change Passwords Immediately: Create strong, unique passwords.
- Enable Two-Factor Authentication: Add an extra layer of security to prevent unauthorized logins.
- Remain Vigilant Against Phishing: Treat unsolicited calls or emails claiming to be from Google with suspicion; Google never initiates security warnings via phone.
- Review Security Settings: Use Google’s Security Checkup and consider adopting passkeys for enhanced protection.
Security experts note that only about one-third of Gmail users regularly update their credentials, leaving many accounts vulnerable. By combining robust passwords, routine updates, and multi-factor authentication, users can significantly reduce the risk of falling victim to these evolving cyber threats.
About ShinyHunters
Formed in 2020, ShinyHunters has been linked to high-profile breaches at organizations such as AT&T, Microsoft, and Ticketmaster. The group is notorious for exfiltrating large volumes of user data, which it often auctions on illicit forums or uses for extortion.
- END -
Sources: Google Emergency Warning: Gmail Users Urged to Take Immediate Action After Major Data Breach Threat Over 2.5 billion Gmail users warned by Google after massive Salesforce data breach Google issues warning to 2.5 million Gmail users - change your password right now
Categories
Autos and vehicles Beauty and fashion Business and finance Climate Entertainment Food and drink Games Health Hobbies and leisure Jobs and education Law and government Other Politics Science Shopping Sports Technology Travel and transportationRecent Posts
Tags