Google has debunked recent reports that it was alerting its billions of Gmail users to a security breach and urging them to reset their passwords.
“We want to reassure our users that Gmail’s protections are strong and effective,” the Alphabet-owned company wrote in a statement.
“Several inaccurate claims surfaced recently that incorrectly stated that we issued a broad warning to all Gmail users about a major Gmail security issue. This is entirely false.”
Featured Partners
How the Gmail security story began
The story starts back in June, when Google reported that a hacking group called UNC6040 was using voice phishing campaigns to trick people into granting access to one of its internal Salesforce instances.
Some victims were then followed up with a few weeks or months later, when the attackers, claiming they were from the hacking group ShinyHunters, would demand payment via Bitcoin. Google also found evidence that they could be preparing to leak the stolen company data.
At the time, Google did not say its employees had fallen victim to such a vishing attack. But, on August 5, the firm updated the article and confirmed that it, too, had been a victim back in June. It reassured customers that the attackers had only obtained “basic and largely publicly available business information, such as business names and contact details.”
Where this security story takes a curious turn
While Google had notified all affected businesses by August 8, some curious headlines began to emerge in the weeks that followed. The basis of these stories was that an emergency warning had been issued to all Gmail users, urging them to change their passwords because their accounts were at risk of compromise following the UNC6040 breach.
Many of the reports assumed that hackers were using the stolen business information to craft phishing or social engineering attacks on Gmail users. Some referenced a Reddit post from a Gmail user who claimed to have been contacted by a scammer impersonating Google, although Google confirmed to PCWorld that this was unrelated to the UNC6040 attack.
As for the rumour of a mass email sent to all users, it is unclear how that came about. Google told Forbes on Sunday that neither Google Cloud nor Gmail data had been affected by the UNC6040 breach.
However, in a public statement issued on Monday, the company emphasised that such information remains a valuable target for hackers, and that’s why “it’s crucial that conversation in this space is accurate and factual.”
“While it’s always the case that phishers are looking for ways to infiltrate inboxes, our protections continue to block more than 99.9% of phishing and malware attempts from reaching users,” Google said.
Security tips for Gmail users
The search giant recommended best practices for Gmail users, which include:
- Using secure Passkeys and two-step verification.
- Ignoring requests for personal information.
- Using Safe Browsing in Chrome.
- Identifying and changing any unsafe passwords.
Concerned about your company’s data security? TechRepublic outlines 10 approaches to defend against cyberattacks.
