Home Innovation Security Google Warns 2.5 Billion Gmail...

Google Warns 2.5 Billion Gmail Users After Hackers Breach Salesforce Business Data

Security

BusinessHonor - Google Warns Gmail Users After Breach

Business Honor
30 August, 2025

Google warns Gmail users after hackers gained business information through Salesforce and requests for a password update and 2FA.

A security alert was recently issued to 2.5 billion Gmail users by Google after a recent data security breach involving a third-party Salesforce system that the business uses. Worries over a rise in hacking and vocal phishing (vishing) scams have been highlighted by the hack. The well-known hacker group UNC6040, often referred to as ShinyHunters, was responsible for the cyberattack. They have been linked to earlier hacks at Adidas, Cisco, and LVMH. They hacked a Salesforce platform that maintained records of small and medium sized business contact information and sales records.

Google confirmed that none of its important customer services, like Gmail and Google Drive, were affected by the hack. No important user data, banking details, or passwords were made public. Stolen data, like email addresses, phone numbers, and business names, is available to the public. So experts warn that such information can be used to create convincing frauds. Through "vishing," in which they claimed to be IT support over the phone, the attackers were able to gain access. Before Google's security team detected and halted the breach, the hackers were able to gain data by tricking a Google employee into giving them access.

The stolen information is considered low-risk but can be used in some phishing attempts. Hackers are currently trying to fool customers into revealing passwords or two-factor authentication (2FA) codes by acting as real businesses in emails and phone calls. All users are warned to take further safety measures, like changing passwords, setting two-factor authentication, and to be aware of strange calls or texts. Google highlights that staying alert is the strongest defense against developing cyberthreats, as phishing scams are currently growing increasingly common.