
Google has confirmed a massive security breach affecting nearly 2.5 billion Gmail users. Given the severity and number of affected people, it is the most significant data breach in history.
The process began in June 2025, when a cybercriminal group named ShinyHunters (also known as UNC6040) used sophisticated phone-based tactics to gain access to Google’s Salesforce systems and the user data held there.
Reports indicate passwords weren’t exposed during this breach, but other sensitive details, including contact details, business names, and notes, have been harvested. Reportedly, the victims received fake phone calls, dodgy emails, and text messages that asked them to change passwords. Those who followed the instructions fell into the trap.
The data breach came to light after the hackers placed this stolen data for sale on the dark web. The moment it was revealed, government and private cybersecurity agencies immediately warned Gmail users globally to change their passwords. However, thankfully, the attackers accessed contact and business data but not passwords.
Still, they have been actively sending victims phishing emails, spoofed calls (these calls often show the Silicon Valley code ‘605’ to make them appear authentic), and text messages asking them to change passwords or hand over login codes.
Those who have fallen for this scam have lost sensitive information like personal documents, photos, and other files. This incident reportedly occurred between late June 2025 and early July 2025.
Google has acknowledged this breach and notified affected users by August 8. However, this Google cyberattack has stirred the world. Commenting on the matter, cybersecurity expert James Knight said, “There’s a lot of vishing – people calling, pretending to be from Google, text messages coming through in order to get people to log in, or get codes to log in… If you do get a text message or a voice message from Google, don’t trust it’s from Google. Nine times out of 10, it’s likely not.”
This attack is indeed massive and may be the largest in history, but it’s not the first time Google has faced this kind of security glitch. This time, no login credentials have been stolen; however, the data is still sufficient to launch scam operations. Previous similar incidents include:
Google+ API breaches (2018): During these two incidents, millions of Google users were affected, and their private data was stolen. The number of affected people during these incidents was nearly 500,000 and 52.5 million, respectively.
Gmail phishing & OAuth scams (2017–2018): In the same year, Google was targeted by another malicious attack. Hackers exploited OAuth permissions, mimicking Google Docs invites to trick users into granting access to their Gmail accounts.
Gooligan malware (2016): Another notable cyberattack that compromised over 1 million Google accounts by stealing authentication tokens.
2014 Gmail credentials leak: The highly publicized Google data breach occurred in 2014, exposing approximately 5 million Gmail addresses and passwords online. It was not a data breach in a traditional sense, but it highlighted the vulnerabilities in account protection.
Looking at Google’s data breaches over the years, one question is bound to arise: how can these cyberattacks be prevented? It is impossible to stop these attacks entirely, but tech companies can tighten their security measures to reduce the frequency.
First, Google can reinforce zero-trust security frameworks and limit the reliance on employee-provided credentials. Second, they must audit third-party cloud systems, such as Salesforce, to identify vulnerabilities.
Finally, the timely disclosure of data breaches is crucial for maintaining user trust in their system. Quick notification reduces the number of victims.
Cybersecurity experts warn that a Gmail hack could expose sensitive personal and financial information if users don’t enable two-factor authentication. In this era, completely putting a stop to cyberattacks is impossible, but companies should prepare their defense to fight the cybercriminals and protect user data.