Illustration of a Gmail data breach affecting billions of users worldwide.
Tech Aware Nepal: Gmail Data Breach Exposes Billions of Accounts, Google Issues Urgent Password Change Advisory
A massive data breach originating from a third-party Salesforce system has potentially compromised the security of nearly all 2.5 billion Gmail accounts. The incident, which took place in June, has prompted Google to issue an urgent advisory, urging all Gmail users to change their passwords immediately.
The breach was carried out by a threat actor identified by Google Threat Intelligence as UNC6395, a group with links to the notorious hacking collective ShinyHunter. The attackers gained access to sensitive information, including AWS access keys, Snowflake tokens, and passwords, by scanning customer support tickets and messages. This unauthorized access to credentials could potentially allow the hackers to gain entry into other related accounts.
While a significant portion of the stolen data was reportedly already in the public domain, there is a heightened risk of sophisticated phishing attacks. Security experts warn that the threat actors may be planning to create a website to launch targeted phishing campaigns against Gmail users. Users of other Google services, such as Google Cloud, are also at an increased risk.
In response to this significant security threat, Google is strongly recommending that all Gmail users take the following steps to secure their accounts:
- Change your password immediately.
- Enable two-factor authentication (2FA).
- Utilize passkeys for a more secure login experience.
Google has also warned users to be vigilant against phishing attempts. The company has noted an increase in attackers impersonating Google employees through phone calls and text messages in an attempt to trick users into revealing their login credentials or resetting their passwords.
Tech Aware Nepal urges all its readers to take this advisory from Google seriously and to take the necessary steps to protect their online accounts.
