2.5 billion Gmail users at risk after Google’s databases were hacked

How the phishing attacks work

Initial reports of attempted attacks have already been seen on Reddit, which are likely related to the data leak. Users describe how alleged Google employees have contacted them by phone to inform them of a security breach in their accounts.

In these scam attempts, attackers are trying to take over Gmail accounts by triggering alleged “account resets” and then intercepting passwords to subsequently lock out the account holders. Another attack method involves “dangling buckets” (i.e., outdated access addresses) to steal data from or inject malware into Google Cloud.

Both methods are extremely dangerous and currently threaten Gmail and Google Cloud users in particular, around 2.5 billion people worldwide. In theory, companies are of particular interest to hackers, but private individuals can also easily be targeted.

How to protect yourself

To be on the safe side, you should ensure that your account is protected against unauthorized access. Google has provided the following security measures for this purpose:

• Use Google’s Security Checkup to automatically identify security vulnerabilities and get account security recommendations.
• Activate Google’s Advanced Protection Program to get an additional security barrier that blocks the download of potentially harmful files and restricts non-Google apps from accessing Gmail data.
• Use passkeys instead of passwords to stay better protected against hacking attacks and phishing attempts.

Above all, you must remain vigilant. Be particularly skeptical if you’re contacted by alleged support staff who can’t confirm their identity. Google employees will never contact you by phone or email to reset a password or make other changes to your accounts.

Further reading: Gmail’s AI summaries can be hijacked by scammers