Q: What should I be doing as a Google user after the data breach?

A: You’ve likely seen headlines warning that “all Gmail users” must change passwords after a big ‘Google data breach’, but that’s not actually what happened. Google wasn’t directly compromised, and your personal Gmail account wasn’t exposed. The issue started with a tool that connects to Google’s Salesforce server. That tool was abused in a way that let criminals grab Gmail-related data that was actually publicly available information.

As a result, scammers now have high-quality lists of validated names, emails, and phone numbers to make their phishing emails and scam phone calls sound much more convincing. Google shut down the misuse quickly, but the ripple effect means you should be more alert than ever.

The biggest con

See Full Page