Particle.news
Download on the App Store
29 ARTICLES
·
4h ago

Google Refutes Viral Gmail Security Alert, Urges Stronger Account Protections

The company says no mass warning was issued, noting the June Salesforce incident exposed only basic business contacts.

Image
Stock Image: The South Lake Union Google Headquarter entrance at sunset, Seattle, USA - Jul 24, 2022.
Image
Image

Overview

  • Google issued a formal statement calling reports of a broad emergency alert to all 2.5 billion Gmail users "entirely false."
  • The firm said Gmail, Google Cloud and Workspace credentials were not compromised, and it finished notifying impacted contacts in early August.
  • Investigators confirmed limited OAuth token abuse tied to the Drift Email integration on August 28, after which Google revoked affected tokens and disabled the integration.
  • Attackers linked to ShinyHunters are using stolen business contact details to run targeted phishing and phone scams, including spoofing Google’s +1 (650) 253-0000 number.
  • Google recommends passkeys and non‑SMS two‑step verification, advises checking Security Checkup for unusual activity, and says automated systems block over 99.9% of phishing and malware attempts.