Gmail Breach Warning: Why Changing Your Password Alone Won't Protect You
Should Gmail users be concerned?

Google has revealed a massive data breach affecting roughly 2.5 billion Gmail and Google Cloud users worldwide. The breach originated through Salesforce, a cloud software provider used by Google, and allowed hackers to access extensive account data.
Google's security team has warned users about the scale of the breach and urged immediate action. However, simply changing passwords may not fully protect accounts from the hackers behind this attack.
Google Discovers New Massive Data Breach
Google's Threat Intelligence Group (GTIG) identified the breach in June 2025. By August, they observed the cybercriminals employing overlapping techniques to infiltrate accounts.
According to Yahoo News, the group behind the attack, known as ShinyHunters, is notorious for targeting major companies including AT&T Wireless, Microsoft, and Ticketmaster. Their tactics are sophisticated, involving social engineering and vishing—where they impersonate IT staff on phone calls to trick victims into revealing credentials.
GTIG warned that ShinyHunters often follows these intrusions with extortion attempts, demanding bitcoin payments within 72 hours, and may soon launch a data leak site to pressure victims further.
What Google Data Was Hacked?
Google described the stolen data as 'basic and largely publicly available business information,' according to Tom's Guide. Although sensitive personal details were not confirmed to be compromised, this exposure raises the risk of phishing and social engineering attacks targeting Gmail users.
ShinyHunters has a history of selling stolen data on the dark web, which could lead to identity theft or further hacking attempts if users do not act quickly.
What Gmail Users Should Do Immediately
Google advises all Gmail users to change passwords without delay. Passwords should be unique and never reused across different services. Enabling two-factor authentication (2FA) is critical, with Google recommending options like Google Prompt or security keys for enhanced protection.
Additionally, users must update recovery details such as backup emails and phone numbers. Staying vigilant against suspicious communications—especially scam calls pretending to be from Google—is vital. Google clarifies it will not call users to warn them about breaches. Those potentially affected have received official alert emails from Google.
Changing Gmail Password Might Not Be Enough
Password changes alone do not guarantee full security. Users should implement several protective measures:
- Use Unique and Strong Passwords: Avoid simple or common passwords and never reuse them across different sites. Consider trusted password managers such as 1Password, LastPass, or Apple's Keychain to securely create and store complex passwords.
- Enable Two-Factor Authentication (2FA): Technology specialist Brandon Phipps urges: 'Enable two-factor authentication on all your digital accounts.' This adds an extra layer of protection by blocking unauthorized access even if passwords are compromised.
- Join Google's Advanced Protection Program: For users requiring the highest security, this program restricts harmful downloads and unauthorized app access.
- Beware of Phishing and Vishing Attacks: Never click links from unfamiliar sources or disclose personal information during unexpected calls. Google warns, 'Google will not contact users over the phone to inform them about security breaches.' Watch out for suspicious area codes like 650, known for scam calls.
- Conduct Regular Security Reviews: Use Google Security Checkup to monitor recent activity, device access, and third-party app permissions. Disable POP3 or IMAP if unused, since these can bypass 2FA protection.
- Keep Software Updated and Remove Unneeded Apps: Regularly update browsers, operating systems, and apps. Run up-to-date antivirus software and delete unused applications to minimize vulnerabilities.
- Recognize Signs of a Compromised Account: Watch for unexpected password changes, unusual emails sent from your account, or unauthorized activity in Google Pay or Drive. If compromised, change passwords, run security checkups, alert contacts, and remain vigilant.
© Copyright IBTimes 2025. All rights reserved.