Google Warns 2.5 Billion Users After Major Salesforce-Linked Data Breach

Google has issued an urgent security alert to its 2.5 billion Gmail users following a significant data breach linked to Salesforce's cloud platform, attributed to the hacker group ShinyHunters. While no Gmail passwords were compromised, stolen business contact information is being used to conduct phishing, vishing, and extortion attempts, with scammers impersonating IT support representatives to trick users into revealing sensitive account details. Google strongly recommends all users update their passwords immediately and enable two-factor authentication, which blocks over 90% of unauthorized access attempts even if passwords are compromised. ShinyHunters, active since 2020 and previously responsible for breaches at AT&T, Microsoft, and Ticketmaster, is believed to be preparing to escalate extortion tactics by launching a data leak site to pressure victims for bitcoin payments. Google and cybersecurity experts emphasize vigilance against suspicious emails and advise using password managers and other security best practices to mitigate risks from this breach. The alert highlights the ongoing threat of social engineering attacks exploiting publicly available business data to target multinational companies and their users.