Despite viral claims that Google is instructing every Gmail user to urgently change their password because of a direct breach, the reality is more nuanced. Google is indeed advising users to reset their credentials, but not due to a compromise of Gmail accounts themselves. Instead, the company is urging people to adopt stronger authentication—including passkeys—because a separate incident involving Salesforce increased the likelihood of sophisticated phishing attempts targeting Gmail users.
The issue stems from a breach at Salesforce, where attackers linked to the ShinyHunters group (also identified as UNC6040) infiltrated systems and accessed business-related Gmail information such as contact directories, organizational details, and email metadata. Crucially, no Gmail passwords were stolen. However, the nature of the compromised data gives hackers enough context to craft highly convincing phishing and impersonation attempts.
Google confirmed that this breach has triggered a surge in targeted phishing and vishing campaigns. Attackers are already posing as Google, IT teams, or trusted service vendors to deceive users into sharing login details. Some threat actors are even placing spoofed phone calls from 650–area-code numbers, making the fraud appear to originate from Google headquarters. According to Google’s internal data, phishing and vishing together now account for roughly 37% of all successful account takeovers, highlighting how effective social engineering continues to be for cybercriminals.
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: