Gmail and Google suffer a massive cyberattack with 2.5 billion accounts affected

Google confirmed this week a massive leak affecting approximately 2.5 billion Gmail accounts and linked services. The incident, attributed to the group of cybercriminals Shiny Hunters (UNC 6040), occurred after illegal access to databases hosted on Salesforce, a platform that Google uses to manage data for small and medium-sized businesses. Although passwords haven't been compromised, the information obtained includes business names, emails, telephone numbers and related notes, opening the door to cyberattacks such as phishing and targeted fraud.

‍

What happened in the Gmail and Google data breach?

• Unauthorized access to a Salesforce database: The attackers used sophisticated techniques of Social Engineering and Vishing to deceive employees and gain temporary access to Google's contact management platform.
• Compromised data: Basic and public information about users and companies, including names, emails, phone numbers and notes, but without financial information or passwords.
• Notifications to those affected: Google began sending alerts to impacted users in early August and ended in the first week, urging them to activate two-step verification and monitor suspicious activity.
• Limited access window: The exploit lasted only a few hours before it cut off access to the attackers, but the damage had already been done and the risk remains due to the potential reuse of data.

‍

Current risks and why this gap is a concern

• Massive phishing campaigns: The information obtained makes it possible to design very convincing emails or calls that can deceive users and cause identity theft or financial fraud.
• Fraud aimed at small and medium-sized businesses: Since the database involves many business users, these companies can be the target of personalized attacks.
• Trust and Reputation: Large companies like Google must face the reputational and customer satisfaction challenge after incidents of this magnitude.
• New risk for the digital ecosystem: By integrating cloud systems and shared platforms, the importance of strengthening not only technical security but also human training and surveillance is evident.

‍

Apollo Cybersecurity Tips for Protecting Your Account and Online Data

• Activate two-step verification (MFA): It adds an extra layer of security against unauthorized access.
• Strengthen your passwords: Use strong, unique keys with a combination of letters, numbers and symbols.
• Don't reply to suspicious emails: Always check senders and avoid clicking on dubious links that ask for personal information.
• Regularly review your account activity: Detect access from unknown devices or places.
• Keep your devices and apps up to date: Always install the latest security patches.
• Educate your team about social engineering and phishing: Prevention starts with the user.

‍

🛡️ Request your free consultancy with Apolo Cybersecurity and strengthen your digital defense today

The massive data breach in Gmail and Google reinforces the importance of prevention and rapid response to cybersecurity incidents. While Google has acted quickly, users and companies must redouble their efforts to protect their information.

Do you want to ensure your organization's digital protection against breaches and attacks?

‍