Google Didn’t Ask 2.5 Billion Gmail Users to Change Passwords

📟 News

Date: 04/09/2025

Last week, media reports claimed that Google was allegedly notifying all Gmail users (about 2.5 billion people) en masse to urgently change their passwords and enable two-factor authentication. Google representatives say that reports of security issues in Gmail are false.

Media reported that the Gmail email service had allegedly been hit by a serious data leak, citing the company’s recent series of warnings about increasingly frequent phishing attacks.

Publications also mentioned that Google was recently affected by an attack on Salesforce, and the recent Salesloft breach impacted Google Workspace data. As a result, the media claimed that Google is now allegedly urging 2.5 billion Gmail users worldwide to reset their passwords.

This week, Google representatives had to publish an official statement on the company blog, calling these reports false.

“We want to assure our users that Gmail’s security is reliable and effective. Recently, a number of inaccurate claims surfaced online, wrongly asserting that we issued a mass alert to all Gmail users about a serious Gmail security issue. That is simply not true.

While phishers are always looking for ways to break into inboxes, our protections continue to block more than 99.9% of phishing and malware attempts from ever reaching users.

Security is a very important issue for all companies, customers, and users, and we take this work extremely seriously. Our teams invest significant resources, continuously innovate, and clearly communicate the risks and the protections we employ. It’s crucial that the discussion in this area be accurate and fact-based,” Google representatives said.

Related posts:
2025.01.24 — Hundreds of websites impersonating Reddit and WeTransfer spread Lumma Stealer

Sekoia researcher crep1x discovered that hackers are currently using some 1,000 pages impersonating Reddit and WeTransfer. Victims visiting these sites are tricked into…

Full article →
2025.02.20 — Newly-discovered vulnerabilities in OpenSSH open the door to MiTM and DoS attacks

OpenSSH fixed two vulnerabilities that could result in MiTM and denial of service (DoS) attacks. Interestingly, one of these bugs appeared in the code more than 10…

Full article →
2025.01.27 — Zyxel firewalls reboot due to flawed update

Zyxel warned its customers that a recent signature update may cause critical errors in USG FLEX and ATP series firewalls. As a result, devices go into…

Full article →
2025.02.03 — PyPI introduces a project archival system to combat malicious updates

The Python Package Index (PyPI) introduces a new project archival system: a project can now be archived to notify users that it's not expected to be updated…

Full article →
2025.02.08 — Hackers exploit RCE vulnerability in Microsoft Outlook

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned Federal Civilian Executive Branch (FCEB) Agencies that they have to secure their systems from ongoing…

Full article →
2025.01.23 — Fake Telegram CAPTCHA forces users to run malicious PowerShell scripts

Hackers used the news of Ross Ulbricht pardoning to lure users to a rogue Telegram channel where they are tricked into running malicious PowerShell code. This…

Full article →
2025.03.07 — YouTube warns of scam video featuring its CEO

According to YouTube, scammers use an AI-generated video of the company's CEO in phishing attacks to steal user credentials. The scammers attack content creators by sending them…

Full article →
2025.01.26 — Cisco patched a critical vulnerability in Meeting Management

Cisco released updates to fix a critical (CVSS score: 9.9) vulnerability in Meeting Management. The bug enables an unprivileged remote authenticated attacker to gain administrative privileges. The vulnerability…

Full article →
2025.04.29 — FBI Offers 10 million USD for information on Salt Typhoon members

The FBI offers up to 10 million USD for information about members of the Chinese hacker group Salt Typhoon and last year's attack that had…

Full article →
2025.01.30 — Hackers use vulnerabilities in SimpleHelp RMM to attack corporate networks

Experts believe that recently patched vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) were used by attackers to gain initial access to corporate networks. A number…

Full article →