Google has issued an emergency warning to its 2.5 billion Gmail users, urging them to reset passwords and bolster security measures. The alert follows a Salesforce data breach that hackers have exploited to launch phishing attacks. Notifications began rolling out on August 8, 2025, after Google detected successful intrusions.
The breach targeted Google’s corporate Salesforce instance in June 2025, where hackers stole basic business contact information, much of it publicly available. The group, tracked as UNC6040, used voice phishing—impersonating IT support over phone calls—to trick employees into granting access. This led to data exfiltration and potential extortion by actors linked to the notorious ShinyHunters group. Over 2.5 billion Gmail accounts are now at heightened risk from targeted phishing emails using the leaked data.
Gmail users should immediately reset their passwords to strong, unique ones and enable two-factor authentication (2FA) via the Google Account settings. Review recent account activity for suspicious logins and avoid clicking links in unsolicited emails, according to Google’s advisory.
The attack unfolded through social engineering tactics, with hackers registering malicious apps in Salesforce to siphon data. Google cut off access quickly, but the incident highlights vulnerabilities in cloud platforms. The company notified affected parties by August 8 and is monitoring for further escalations, including a possible data leak site from the hackers.
Google’s Threat Intelligence Group stated, “UNC6040 is a financially motivated threat cluster that accesses victim networks by voice phishing social engineering.” This comes amid a surge in cyber threats, with similar breaches hitting companies like AT&T.
Moving forward, Google recommends organizations adopt stricter access controls, such as IP restrictions and multi-factor authentication enforcement. Users can expect ongoing alerts as threats evolve. For more details, check Google’s official blog post on the incident.
Actionable Steps for Gmail Users:
- Change your password in Google Account settings.
- Turn on 2FA using an authenticator app or phone number.
- Use Google’s Password Checkup tool to scan for compromised credentials.
- Report suspicious emails via Gmail’s spam filter.
This warning underscores the need for vigilance in an era of sophisticated hacks. By acting now, users can protect their accounts from unauthorized access.
Your blog has quickly become my go-to source for reliable information and thought-provoking commentary. I’m constantly recommending it to friends and colleagues. Keep up the excellent work!
I wanted to take a moment to commend you on the outstanding quality of your blog. Your dedication to excellence is evident in every aspect of your writing. Truly impressive!