Over the past couple of weeks, some reports claimed that Google had sent an emergency warning to all Gmail users after a security breach. Google says that these claims are false.
Here's what happened. In early August 2025, the Google Threat Intelligence Group confirmed that Google had been hacked in June this year, by a ransomware threat group called ShinyHunters, aka UNC6040.
After the attack, Google had performed an impact analysis, and prepared mitigations. Its analysis revealed that one of its corporate Salesforce instances (Salesforce Drift) had been breached. This instance had been used to store contact details for small and medium businesses, and the attackers managed to retrieve some of it. Google said the data the hackers accessed during a small window of time was limited to basic and largely publicly available business information, such as business names and contact details.
The words "largely publicly" do suggest some private data was stolen. Google says that the threat actors also compromised OAuth tokens for the "Drift Email" integration. Perhaps that's the private data that was affected?
Google said it had notified those affected by the breach by August 8. More details about this incident are available on Google's blog. Here's another article by Google that explains more about the attack.
A few weeks ago, some reports alleged that Google had sent out warnings to all Gmail users. I can't find the exact source where this rumor began. It doesn't make sense, the attack wasn't even related to Gmail. I mean, there are over 2.5 Billion Gmail users around the world. If Google had issued a warning for "all users", surely we would have seen one by now, right? Still, the number of articles that began reporting the news kept rising without quoting any shred of evidence. I rarely defend Google or any big tech for that matter, but spreading panic and fake news is wrong, and irresponsible. It wasn't just blogs that were doing this.
As Forbes says, it was unusual for Google to put out a statement to clarify the situation. "Several inaccurate claims surfaced recently that incorrectly stated that we issued a broad warning to all Gmail users about a major Gmail security issue. This is entirely false. "It also mentions that phishers are always on the lookout for finding ways to breach inboxes, but Google's security blocks 99.9% of the attempts from affecting users.
Google is advising users to use secure password alternatives like Passkeys to secure their accounts.
Thank you for being a Ghacks reader. The post Google says reports about a major Gmail security warning are false appeared first on gHacks Technology News.
0 Commentaires