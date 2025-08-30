Google warns 2.5 billion Gmail users to take action after a Salesforce hack compromises account data, increasing phishing and scam risks. Read here to know you can protect Gmail account.

Google has alerted its 2.5 billion Gmail users about a serious security risk, recommending they change their passwords due to a rise in successful hacking. The company is strongly advising users to enable two-step verification (2SV) and other security features to protect their accounts.

The hacking group ShinyHunters, which is believed to be inspired by the Pokémon franchise, has been active since 2020 and is connected to major data breaches at companies including AT&T, Microsoft, Santander, and Ticketmaster, according to SILIVE.com.

These hackers frequently employ phishing emails to trick users into visiting fake login pages or sharing sensitive information, such as 2SV codes.

While much of the compromised data in this incident was already public, Google warns that these methods could lead to more targeted and serious attacks.

In a June blog post, Google mentioned, "We believe threat actors using the 'ShinyHunters' brand may be preparing to escalate their extortion tactics by launching a data leak site (DLS)."

How you can protect your Gmail account from being hacked?

To protect your Gmail account, consider the following steps:

Update your password: Choose a strong, unique password that isn’t used for any other service. Consider using a password manager to generate and securely store complex passwords.

Enable Two-Factor Authentication (2FA): 2FA adds an extra layer of security by requiring a verification code in addition to your password. Even if hackers get your password, they won’t be able to access your account without this code.

Be alert to phishing attempts: Always be suspicious of emails that ask for personal information or direct you to unfamiliar websites. Double-check email addresses and links before entering credentials.

Review account activity regularly: Check your Gmail account’s login history to spot unusual or unauthorized access. Acting quickly can prevent minor breaches from turning into full account takeovers.

These setups make sure that even if hackers get a password, they still can't log in without the extra check.

Why 2-step verification is important?

Mirror US reported that Action Fraud highlighted the importance of 2SV, saying, “Protect your email account by activating 2-step verification (2SV). It can prevent criminals from accessing your accounts, even if they have your password.”

The Stop Think Fraud site also gave similar advice. “Enabling 2SV adds an extra layer of security to your most important accounts, especially your email. It takes just minutes to set up – time well spent to keep the fraudsters away.”

The report further added, “2SV can usually be found in the security settings of your account. Sometimes it's called 2-factor authentication (2FA) or multi-factor authentication (MFA). 2SV is available for most of the major online services, such as email, banking, and social media.”