Google Salesforce data breach puts over 2 billion users at phishing risk

NEWYou can now listen to Fox News articles!

A tech leader like Google often seems invincible when it comes to cybersecurity attacks, but that is not the case. Earlier this month, the search giant confirmed that attackers had accessed one of its corporate Salesforce instances. According to a Google spokesperson, this system stored basic, and largely publicly available business information, such as contact details and notes from small and medium-sized companies. It did not store customer data from Google Cloud or consumer products like Gmail, Drive or Calendar.

Google says it terminated the malicious activity, completed an impact analysis, and provided mitigations. Therefore, no further action is required by users.

NEW GOOGLE AI MAKES ROBOTS SMARTER WITHOUT THE CLOUD

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM/NEWSLETTER

Cybercriminals are exploiting Google’s recent Salesforce data breach to launch vishing calls and phishing attacks against Gmail users worldwide. (Kurt “CyberGuy” Knutsson)

Vishing calls target Gmail users

Hackers have reportedly accessed Google’s Salesforce database systems, exposing customer and company names. Google confirmed the incident and clarified that the information was mostly public business contact data and did not include passwords or payment information. The company stressed that the breach affected only a corporate Salesforce system, not consumer Gmail or Google Cloud accounts.

Still, attackers are exploiting the news of the breach to fuel phishing and vishing scams, tricking people into giving up sensitive information. According to PC World, some users have already reported an increase in phishing attempts that reference Google services.

STOP GOOGLE FROM FOLLOWING YOUR EVERY MOVE

One of the main tactics involves scam phone calls, also known as vishing. A Reddit post highlighted a wave of calls coming from the 650 area code, which is linked to Google’s headquarters. In these calls, scammers pose as Google employees and warn victims of a supposed security breach. They then instruct users to reset their Gmail password and share it with them. This locks the rightful owner out of the account and gives the attacker complete control.

A user launches Gmail. (Kurt “CyberGuy” Knutsson)

Old infrastructure exploited with “dangling buckets”

Separately from the Salesforce incident, Google Cloud customers are also facing another type of attack. Hackers are trying to exploit outdated access addresses using a method called the dangling bucket. This can allow them to inject malware or steal data. Both businesses and individuals are vulnerable to losing control over sensitive information if targeted in this way.

Gmail and Google Cloud serve nearly 2.5 billion people, which makes the scale of the risk significant. Although the initial breach did not expose passwords, attackers are using the news of the incident to trick people into revealing their login details.

A Google search window is on a laptop. (Kurt “CyberGuy” Knutsson)

6 ways you can stay safe from scammers targeting Google accounts

Google accounts are often a prime target for scammers. The good news is that protecting yourself doesn’t require advanced technical skills. A few practical steps can drastically reduce your chances of becoming a victim.

1) Avoid clicking on phishing links

Phishing remains the most common way scammers steal Google account credentials. A fake email or text may claim your account has been locked or that you need to verify suspicious activity. Clicking the link usually takes you to a counterfeit login page that looks almost identical to the real Google sign-in screen.

To avoid falling for these tricks, check the sender’s email address carefully, hover over links before clicking, and avoid entering your Google password on any page that doesn’t start with accounts.google.com.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com/LockUpYourTech

2) Save passwords securely

Reusing weak passwords across multiple sites is an open invitation for scammers. If one site is breached, your Google account becomes vulnerable. A strong, unique password is your first line of defense.

The easiest way to manage this is with a password manager. It can generate complex passwords, store them securely, and fill them in automatically when you need them. This way, you never have to remember dozens of different logins, and attackers can’t guess their way in.

Next, see if your email has been exposed in past breaches. Our #1 password manager pick (see Cyberguy.com/Passwords) includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/Passwords

WHAT TO DO IF YOU GET A PASSWORD RESET EMAIL YOU DIDN’T ASK FOR

3) Delete personal data that puts you at risk

Scammers often use information they find online to craft convincing attacks. If your email address, phone number, or even past passwords are floating around on data broker sites, criminals have more tools to impersonate you or trick you into revealing more.

Using a data removal service helps clean up your digital footprint. By reducing the amount of exposed information about you, it becomes much harder for scammers to target you directly.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan

4) Turn on two-factor authentication

Even the strongest password can be stolen, but two-factor authentication (2FA) adds an extra barrier. When enabled, Google will ask for a one-time code or prompt on your phone before granting access. That means even if a scammer manages to get your password, they can’t log in without also having your device.

Google offers several 2FA methods, from SMS codes to app-based prompts and even hardware security keys. For the best protection, choose app-based or hardware verification rather than text messages.

5) Keep your devices updated

Many scams rely on exploiting outdated software. If your phone, browser, or operating system isn’t up to date, attackers may use known vulnerabilities to install malware or hijack your session.

Set your devices to update automatically whenever possible. This ensures you’re always running the latest security patches, reducing the number of openings a scammer can use.

6) Regularly check Google account security settings

Google provides built-in tools to help users spot suspicious activity. By visiting your Google Account’s security page, you can see devices that have signed in, recent account activity, and whether recovery options like your phone number and backup email are up to date.

Running a Google Security Checkup only takes a few minutes and gives you a clear overview of any weaknesses. Think of it as a health check for your digital life.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

The incident is a reminder that even tech giants with vast resources are not immune to security lapses. While Google insists that no passwords were exposed, the wave of phishing and vishing scams shows how quickly criminals can weaponize even partial leaks. What began as a breach of business data has spiraled into a threat facing millions of everyday users, raising questions about how secure Google’s ecosystem really is.

Do you believe regulators should step in with stricter rules for how cloud providers handle security lapses? Let us know by writing to us at Cyberguy.com/Contact

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.