Google Salesforce data breach puts over 2 billion users at phishing risk
NEWYou can now listen to Fox News articles!
A technological leader like Google often seems invincible with regard to cybersecurity attacks, but this is not the case. Earlier this month, the research giant confirmed that the attackers had accessed one of his company Salesforce bodies. According to a Google spokesperson, this system has stored basic and largely commercial information accessible to the public, such as contact details and marks of small and medium-sized enterprises. It did not stor the data from Google Cloud customers or consumer products such as Gmail, Drive or Calendar.
Google says it ended the malicious activity, completed an impact analysis and provided attenuations. Therefore, no other action is required by users.
New Google AI makes robots smarter without the cloud
Register for my free cyberguy report
Get my best technological advice, my urgent safety alerts and my exclusive offers delivered directly in your reception box. In addition, you will have instant access to my survival guide at the ultimate – free swindle when you join my Cyberguy.com/newsletter
Cybercriminals exploit the recent violation of Google Salesforce data to launch visiting calls and phishing attacks against Gmail users worldwide. (Kurt “Cyberguy” KTUSSON)
Vishing calls Gmail Target users
The pirates would have accessed Google Salesforce database systems, exhibiting the names of customers and the company. Google confirmed the incident and said the information was mainly public contact with the company and did not include passwords or payment information. The company stressed that the violation only affected a business Salesforce system, and not on the Gmail or Google Cloud accounts.
However, the attackers exploit the news of the breach to feed phishing and scams, encouraging people to abandon sensitive information. According to PC World, some users have already reported an increase in phishing attempts that refer to Google Services.
Prevent Google from following each of your movements
One of the main tactics concerns scam phone calls, also known as Vishing. A Reddit article has highlighted a wave of calls from the 650 Regional Code, which is linked to the headquarters of Google. In these calls, the crooks arise as amployed by Google and warn the victims of a supposed security violation. They then ask users to reset their Gmail password and share it with them. This locks the legitimate owner of the account and gives the attacker a complete control.
A user launches Gmail. (Kurt “Cyberguy” KTUSSON)
Old infrastructure exploited with “pendant buckets”
Separately from the Salesforce incident, Google Cloud customers are also faced with another type of attack. The pirates try to exploit the obsolete access addresses using a method called the dingant bucket. This can allow them to inject malware or steal data. Companies and individuals are vulnerable to the loss of control of sensitive information if it is targeted in this way.
Gmail and Google Cloud serve nearly 2.5 billion people, which makes the extent of the risk. Although the initial violation did not expose passwords, the attackers use the news of the incident to encourage people to reveal their connection details.
A Google search window is on a laptop. (Kurt “Cyberguy” KTUSSON)
6 ways to stay away from crooks targeting Google accounts
Google accounts are often a main target for crooks. The good news is that protecting you does not require advanced technical skills. Some practical steps can considerably reduce your chances of becoming a victim.
1) Avoid clicking on phishing links
Phishing remains the most common way by crooks to steal the identification information of the Google account. A false email or SMS may claim that your account has been locked or that you must check the suspicious activity. Click on the link usually brings you to a counterfeit connection page which seems almost identical to the real Google connection screen.
To avoid falling into these tips, consult the sender’s email address carefully, fly over the links before clicking and avoid entering your Google password on any page that does not start with account.google.com.
The best way to protect yourself from malicious links that set up malware, potentially accessing your private information, is to install antivirus software on all your devices. This protection can also alert you to phishing emails and ransomware scams, protecting your personal information and digital assets.
Get my choices for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices Cyberguy.com/lockupyourtech
2) Save the passwords safely
The reuse of low passwords on several sites is an invitation open to crooks. If a site is raped, your Google account becomes vulnerable. A solid and unique password is your first line of defense.
The easiest way to manage this is with a password manager. It can generate complex passwords, store them safely and fill them automatically when you need them. In this way, you never have to remember dozens of different connections, and the attackers cannot guess their way.
Then see if your email has been exposed in past violations. Our choice of password management n ° 1 (see Cyberguy.com/passwords) Includes an integrated violation scanner that checks if your email address or passwords have appeared in known leaks. If you discover correspondence, immediately modify the reused passwords and secure these accounts with new unique identification information.
Consult the best password managers evaluated by experts in 2025 in Cyberguy.com/passwords
What if you receive a password reset email that you have not asked for
3) Delete the personal data that endangers you
Schools often use information they find online to develop convincing attacks. If your email address, telephone number or even previous passwords float on data broker sites, criminals have more tools to make you pass for you or encourage you to reveal more.
Using a data elimination service helps clean your digital footprint. By reducing the amount of information exposed to you, it becomes much more difficult for the crooks to target you directly.
Although no service can guarantee the complete deletion of your Internet data, a data deletion service is really an intelligent choice. They are not cheap, and your privacy either. These services do all the work for you by actively and systematically erase your personal information from hundreds of websites. This is what gives me peace of mind and turned out to be the most effective way to erase your personal data on the Internet. By limiting the available information, you reduce the risk of crooked references from the crooks from violations with information they may find on the Dark Web, which makes them more difficult for them to target you.
Consult my best choices for data deletion services and get a free analysis to find out if your personal information is already on the web by visiting Cyberguy.com/delete
Get a free scan to find out if your personal information is already on the web: Cyberguy.com/freescan
4) Activate two factors authentication
Even the strongest password can be stolen, but Two -factor authentication (2FA) Add an additional barrier. When activated, Google will request a code or unique prompt on your phone before granting access. This means that even if a crook manages to get your password, it cannot connect without also having your device.
Google offers several 2FA methods, from SMS codes to invites based on applications and even hardware safety keys. For the best protection, choose an application -based verification or equipment rather than text messages.
5) Keep your devices up to date
Many scams rely on the exploitation of obsolete software. If your phone, browser or operating system are not up to date, attackers can use known vulnerabilities to install malware or divert your session.
Define your devices on update whenever possible. This guarantees that you are still running the latest security fixes, reducing the number of openings that a crook can use.
6) Regularly check the Google Google account security settings
Google provides integrated tools to help users identify suspicious activity. By visiting the safety page of your Google account, you can see the devices that have connected, the recent account of the account and if the recovery options such as your phone number and your backup email are up to date.
The execution of a Google safety assessment takes only a few minutes and gives you a clear overview of any weakness. Consider it as health control for your digital life.
Click here to obtain the Fox News app
Kurt de Kurt to remember
The incident is a reminder that even the technology giants with large resources are not immune to the security tricks. While Google insists that no password has been exposed, the wave of phishing and scams show how fast the criminals can even arm partial leaks. This started as a violation of commercial data has transformed into a threat faced with millions of daily users, which raises questions about the security of the Google ecosystem.
Do you think that regulators should intervene with more strict rules on how cloud suppliers manage the security tricks? Let us know by writing to Cyberguy.com/contact
Register for my free cyberguy report
Get my best technological advice, my urgent safety alerts and my exclusive offers delivered directly in your reception box. In addition, you will have instant access to my survival guide at the ultimate – free swindle when you join my Cyberguy.com/newsletter
Copyright 2025 cyberguy.com. All rights reserved.
