Why Google is really warning 2.5 billion Gmail users to stop using their passwords

Why Google is really warning 2.5 billion Gmail users to stop using their passwords

Briefly

"The breach traces back to Salesforce, whose systems were compromised by the hacker group known as ShinyHunters (also tracked as UNC6040). Attackers obtained business-related Gmail data, including contact lists, company associations, and email metadata. No actual Gmail account credentials were stolen, but the nature of the stolen data makes phishing and impersonation attacks far more dangerous. Google confirmed the link between the Salesforce breach and a rise in targeted phishing campaigns and said attackers are already impersonating Google, IT departments, or trusted vendors to trick people into handing over login information. Some campaigns even involve "vishing," or fraudulent phone calls made from spoofed 650-area-code numbers that resemble Google's corporate lines."

"For years, phishing has been one of the most effective tools hackers use to break into accounts. Google's own data shows that phishing and vishing now account for roughly 37% of successful account takeovers across its services. With the data from Salesforce in hand, hackers can customize attacks that look far more authentic than the usual spam message. Imagine receiving a message that references your actual employer, colleagues, or recent communications. That level of detail raises the likelihood that you'll trust the email, click a malicious link, or provide sensitive information. Once credentials are stolen, hackers can bypass additional protections and take over accounts-sometimes without the victim realizing it until significant damage has been done."