Google Warns 2.5 Billion Gmail Users After ShinyHunters Data Breach via Salesforce
PakkaHyderabadi 
Warning issued to Gmail users following a major data breach linked to hacking group ShinyHunters
Google has issued a strong warning to Gmail users following a data breach involving the notorious hacking group ShinyHunters. The cyberattack compromised sensitive information by targeting one of Google’s corporate Salesforce systems, potentially putting around 2.5 billion Gmail accounts at risk. While the stolen data primarily included names and business contact details, Google urges all affected users to reset their passwords and enhance their account security.
How the Breach Occurred
According to reports, the breach happened when ShinyHunters impersonated Google staff members to deceive IT support teams and gain access to the Salesforce instance. Google confirmed that the stolen data was limited to basic business information, emphasizing that the breach, though seemingly minor, still poses a significant threat. The company acknowledged the incident, stating that it occurred in June and involved activity by the group UNC6040.
Phishing and Extortion Threats
The exposed information, although basic, elevates the risk of phishing scams and extortion attempts. Google has advised affected users to be vigilant for suspicious emails or calls, especially those requesting Bitcoin payments. Cybersecurity experts warn that even seemingly harmless data can be exploited for social engineering attacks to trick users into revealing sensitive personal information.
Preventive Measures and What’s Next
Google continues to monitor the situation closely and plans to provide updates as necessary. Users are strongly encouraged to change their passwords, activate two-factor authentication, and remain cautious of any suspicious contact. Given ShinyHunters’ history of targeting global companies like Santander and AT&T, vigilance is key to safeguarding online accounts against future threats.
