GMAIL users worldwide are being warned to act now after a massive Google security breach left 2.5 billion accounts exposed to criminals.
The cyber raid, linked to Google’s use of Salesforce’s cloud platform, happened in June when hackers tricked a staff member into giving away login details.
The breach has sent shockwaves across the UK and worldwide as scammers quickly moved to exploit the stolen data.
The notorious hacking gang ShinyHunters managed to steal vast files packed with company names and customer contact details.
Google says passwords were not taken — but experts warn fraudsters don’t need them to wreak havoc.
Cybercriminals are already using the stolen information to impersonate Google workers.
Victims are being bombarded with fake phone calls, dodgy emails and text messages urging them to hand over login codes or reset their passwords.
Cybersecurity expert James Knight said: “There’s a huge increase in the hacking group trying to gain leverage on this.
“There’s a lot of vishing – people calling, pretending to be from Google, text messages coming through in order to get people to log in, or get codes to log in.
“If you do get a text message or a voice message from Google, don’t trust it’s from Google. Nine times out of 10, it’s likely not.”
Users on social media claim the scammers are even ringing from numbers with the US 650 area code, tricking people into thinking the calls are genuine.
Those who fall for it end up locked out of their own Gmail accounts. Others lose access to sensitive files, photos and personal information.
Knight warned hackers are also trying simple brute-force methods to break in.
Some are testing weak passwords like “password” to get lucky with careless users.
He added: “First thing, ensure multi-factor authentication is set. Second thing, make sure you’ve got a really strong password that’s unique on that account.”
Multi-factor authentication means a secret code is sent to your phone or email whenever you log in. Without it, accounts are much easier to hijack.
Knight also urged Gmail users to complete a Google Security Checkup, a free tool that highlights weak spots in accounts.
He recommended using “passkeys”, a newer way to verify identity that is harder for hackers to bypass.
Another threat uncovered after the breach is the so-called “dangling bucket” trick.
This involves exploiting old or forgotten digital access points in Google Cloud accounts, giving hackers a secret doorway to steal files or plant malware.
The breach has also sparked questions over Google’s own security.
Salesforce, originally used for customer data storage, has since become a major database system capable of building detailed profiles of users’ online habits.
Google has relied on Salesforce for its Gmail services, which is why so much data was exposed when the system was compromised.
Knight, who works with government agencies and companies to test their cyber defences, said he was shocked Google left this particular weakness open.
How to protect yourself?
- Use Google’s Security Checkup to automatically detect vulnerabilities and receive account security recommendations.
- Activate Google’s Advanced Protection Program to:
  - Block downloads of potentially harmful files.
  - Restrict non-Google apps from accessing Gmail data.
- Use passkeys instead of passwords for stronger protection against hacking and phishing attempts.
- Stay vigilant: Be skeptical of anyone claiming to be support staff who cannot verify their identity.
- Remember: Google employees will never contact you by phone or email to reset your password or make account changes.
“Google puts a lot of money into their security, and they even purchased a security company many years ago, so it’s surprising that they left this one open, and the hackers gained access to the Salesforce database environment,” he revealed.
He added: “These email addresses are really golden. These hackers have made themselves a lot of money.”
Despite the scale of the breach, Google has refused to say exactly how many accounts were hit.
In an August blog post, the tech giant admitted the attack but gave no figures.
Spokesman Mark Karayan declined to comment further on the matter, and it is not clear whether the company faced a ransom demand.
ShinyHunters, the group behind the breach, is known for targeting some of the biggest firms in the world.
They specialise in raiding cloud-based databases and selling stolen information online.
Knight warned the danger is far from over: “Hackers are able to take this huge database, try common passwords, and then send codes through, requesting those codes, trying to gain access to accounts. So, people just need to be vigilant as they always should.”
Chrome and Android flaws patched
This follows a series of recent security issues, with Google now urging users to install the latest Chrome and Android updates without delay.
For Chrome, the new Stable Channel release addresses multiple vulnerabilities, including a high-severity bug in ANGLE, the graphics technology the browser uses.
Left unpatched, a malicious web page could exploit this flaw to tamper with memory in ways that threaten device security.
Two medium-risk issues, in the File Picker and in Chrome’s interface layer, Aura, have also been fixed.
On Android, Google’s August patch targets several critical “no-touch” vulnerabilities.
The most serious, CVE-2025-48530, is a remote code execution flaw that could allow hackers to hijack a device without any action from the user.
Two additional defects, CVE-2025-22441 and CVE-2025-48533, also require no interaction, making them especially dangerous.
Although none of these vulnerabilities are currently being exploited, Google has moved quickly to plug the gaps.
DON’T DELAY! UPGRADE TODAY

Here’s what The Sun’s tech editor Sean Keach has to say…
I know, I know – another update!
It seems like everything wants to update all of the time. Your phone, the apps, your living room telly, that smart toaster you got for Christmas.
Updating everything constantly is a real pain – and that’s great news for hackers.
Digital crooks prey on people who don’t bother updating their devices.
Tech giants go to great lengths to close down bugs in their gadgets and apps – delivering the fixes to you over the internet in the form of updates.
And if you’re not installing those updates, you’re not getting those protections.
It’s like a tech company is telling you that someone has stolen your key, and is offering you a free lock change. Only it’s almost instant, and far easier to sort.
If you don’t take the update, the crooks can walk right in through your virtual front door.
Depending on the severity of the bug, a crook could spy on you, steal your private info, and maybe even pilfer your cash or defraud you.
It’s just not worth the risk.
Security updates are one of your best defences against hackers, and they don’t cost you a penny.
Plus you’ll usually get some bonus features chucked into these updates too, so that’s something to look forward to.