Google Confirms Rising ‘Account Takeovers’— Users Told to Check Chrome Settings

Hackers are getting good at stealing your whole online life.

Google has acknowledged an intensification of cyberattacks leading to “account takeovers,” a nightmare scenario where bad actors grab your credentials, authentication codes, and even your session cookies. The tech giant is now strongly urging users to beef up their defenses, particularly by moving away from traditional passwords.

The convenience of having everything synced across your devices might be a double-edged sword. When you sign in to Google Chrome and enable synchronization, a massive amount of personal and sensitive data is copied and stored on Google’s cloud servers, secured by your Google account login.

Forbes reported that this synchronized data is extensive as it “includes bookmarks, history and open tabs, passwords, payment info, addresses, phone numbers, payment info that you saved to Google Pay, passwords that you saved to your Google Account and addresses that you saved to your Google Account.”

If a hacker successfully breaches your Google account, they gain access to a treasure trove of your private data, which extends far beyond Google’s ecosystem. Security experts caution that using a browser’s built-in password manager, like Chrome’s, is inherently risky, as a single compromised account can unlock all your saved passwords.

Users can disable Chrome Sync entirely or choose to “Customize sync” to exclude highly sensitive data like passwords and payment information, a step that, while inconvenient, is significantly safer.

Google rolls out new protections for Workspace accounts

In response to the rising threat, Google has introduced new protections aimed at stopping attackers even after they get hold of stolen data.

Andy Wen, senior director of Product Management, explained that attackers are ramping up their tactics. Wen noted that phishing and credential theft drive “37% of successful intrusions,” while email-based infostealers rose “84% … in 2024 compared to the previous year.” Google says the problem is worsening in 2025.

To help organizations, Google has launched new tools: Passkeys now support millions of Workspace users, providing a faster and more phishing-resistant login method. Signing in with a passkey, Google says, is 40% faster than using a password.

The company also released Device Bound Session Credentials (DBSC) in open beta. This system ties session cookies to the specific device that logged in, making it harder for attackers to reuse stolen cookie files. Google says DBSC offers “enhanced post-authentication protection” and reduces the risk of cookie theft, one of today’s fastest-growing attack methods.

A third feature, the Shared Signals Framework (SSF) receiver, is currently in a closed beta; it will allow Google accounts to react automatically when partner platforms signal suspicious behavior.

More Google coverage

• New Google Search AI Mode is ‘Total Reimagining,’ Says CEO Sundar Pichai
• In Major Ruling, Judge Finds Google ‘Willfully Acquired and Maintained Monopoly Power’ Over Digital Ad Market
• Google’s Big Bet on Nuclear Energy: ‘The Race to Power AI-Driven Data Centers is Accelerating’
• Computer History Museum Releases Original AlexNet Code: Why It Matters

Stronger multi-factor authentication is key

For both personal and business accounts, Google and cybersecurity agencies are emphasizing the need to move beyond less secure forms of multi-factor authentication, such as SMS text messages, which can be intercepted.

Users are advised to secure their accounts with a passkey and use a more robust form of MFA. Furthermore, Chrome Sync users can set up a passphrase to encrypt their synced data in Google’s cloud. However, using a passphrase means you cannot use features like Smart Lock for Passwords.

For more ways Google is reshaping account security, check out our coverage of Gmail’s move toward passwordless login. It’s a smart next step to stay ahead of attackers.