Google: Reports of a ‘Major’ Gmail Security Issue Are False — What You Need to Know

Google has publicly debunked recent reports claiming a “major” Gmail security issue affecting all users. In an update on its blog, Google said those reports are inaccurate and that its protections remain strong — blocking over 99.9% of phishing and malware attempts.

The confusion appears to stem from a previously reported incident involving a Salesforce instance used by Google. That incident, first disclosed in June, involved limited data exposure and follow-up notifications to affected parties; it is not the same as a platform-wide Gmail breach affecting 2.5 billion users.

Key links:

• Google’s statement: https://blog.google/products/workspace/gmail-security-protections/
• Reporting and context: Engadget
• Further reading: Tom’s Guide

What you should do

• Enable passkeys and two-factor authentication (2FA) for your Google account.
• Be vigilant for phishing attempts — do not click suspicious links or share verification codes.
• Review recovery options and recent security activity in your Google Account.
• Change passwords if you suspect your account was targeted.

If you’d like, we can walk through how to enable passkeys or 2FA on your account.

Sources: Google blog, Engadget, Tom’s Guide.