Google Issues Security Alert to 2.5 Billion Gmail Users After Salesforce Breach

Google has issued a global security warning to its 2.5 billion Gmail users following a June 2025 data breach linked to one of its third-party Salesforce systems.

The breach, attributed to the cybercrime group UNC6040—also known as ShinyHunters—stemmed from a corporate Salesforce instance storing sales notes and contact information for small and medium-sized businesses.

Google confirmed that the compromised data was limited to basic business details such as company names and contact information, stressing that Gmail, Google Drive, passwords, and financial data remain unaffected.

Attackers reportedly gained access through a “vishing” attack, in which they impersonated IT support staff over the phone to trick an employee into granting them system privileges. This allowed data exfiltration before Google’s security teams cut off access.

While the stolen data is considered low-risk, security experts warn it could fuel sophisticated phishing and vishing campaigns designed to steal login credentials and two-factor authentication codes.

Google said it contained the breach swiftly, notified all affected parties by August 8, and continues to monitor for threats. The company is urging users to update passwords, enable two-factor authentication, and remain cautious of suspicious emails or calls.