2.5 billion Gmail accounts exposed in massive Google security breach, scammers using US 650 area code to trick millions.

Google warns 2.5 billion Gmail users after a massive security breach exposed their accounts to scams. Hackers used Salesforce's cloud platform to trick a staff member into giving away login details. Scammers are now impersonating Google workers via fake phone calls and emails, urging users to reset passwords or hand over login codes. Experts warn that passwords aren't needed to wreak havoc, and users should take immediate action to protect their accounts.

Google has issued a critical alert to 2.5 billion Gmail users worldwide, warning them of a significant security breach that exposed their accounts to scammers. The breach, which occurred in June, was linked to Google's use of Salesforce's cloud platform and involved a staff member being tricked into giving away login details [1].

The cyber raid has sent shockwaves across the UK and globally, with scammers exploiting the stolen data to impersonate Google workers. The notorious hacking gang ShinyHunters managed to steal vast files packed with company names and customer contact details. Although Google maintains that passwords were not taken, experts warn that fraudsters do not need them to cause havoc [1].

Users are being bombarded with fake phone calls, emails, and text messages urging them to hand over login codes or reset their passwords. The US 650 area code has been frequently used by scammers to make these calls appear genuine. Cybersecurity expert James Knight advises users to be vigilant and not to trust any communications claiming to be from Google unless they can verify the identity [1].

To protect themselves, Gmail users are urged to complete a Google Security Checkup, a free tool that highlights weak spots in accounts. They should also activate Google's Advanced Protection Program, which can block potentially harmful file downloads and restrict non-Google apps from accessing Gmail data. Additionally, using passkeys for identity verification is recommended, as they are harder for hackers to bypass [1].

The breach has also raised questions about Google's own security measures. Salesforce, originally used for customer data storage, has since become a major database system capable of building detailed profiles of users' online habits. Google's reliance on Salesforce for its Gmail services led to the exposure of a significant amount of data when the system was compromised [1].

Despite the scale of the breach, Google has refused to specify exactly how many accounts were affected. In an August blog post, the tech giant admitted to the attack but did not provide any figures. A spokesperson for Google declined to comment further on the matter [1].

The breach follows a series of recent security issues, with Google urging users to install the latest Chrome and Android updates without delay. The new Stable Channel release for Chrome addresses multiple vulnerabilities, including a high-severity bug in ANGLE, the graphics technology used by the browser. On Android, the August patch targets several critical "no-touch" vulnerabilities, including a remote code execution flaw that could allow hackers to hijack a device without any action from the user [2].

In light of these developments, it is crucial for users to stay vigilant and take immediate action to protect their accounts. By following the recommended security measures, Gmail users can significantly reduce the risk of falling victim to scams and data theft.

References:
[1] https://www.the-sun.com/tech/15029562/google-hack-gmail-users-risk/
[2] https://m.economictimes.com/news/international/global-trends/us-news-2-5-billion-gmail-accounts-warned-scammers-using-us-650-area-code-to-trick-millions-what-should-you-do/articleshow/123473376.cms