>> So did some accurate claims, but we won't talk about those.
> we issued a broad warning to all Gmail users
>> we issued a narrow warning to some Gmail users
> a major Gmail security issue
>> we consider it a minor issue
> This is entirely false.
>> So technically we're correct!
That means there is no kernel of truth.
I'm curious, do people think I was supporting Google or something with my above comment? Should I have italicized instead of >>?
When I asked him to prove he was from Google, he didn't seem fazed at all and said he would send me an email from a google.com email to prove it, and gave me his name and "employee ID". We kept talking and he said the email should show up and it was sent from his side, but the email never came. I then said I'd call google support and ask to speak with him instead - he was still unfazed. I did call Google support (im on Google One for Gemini access so luckily I actually have access to a phone number I can call), and they said it was likely a phishing attempt. I did suspect scam from the start, but it did seem a tad more professional and polished than the usual scams - the person really sounded professional, good voice quality, there wasn't a whole lot of noise in the background, they weren't fazed by my attempts at verification and just tried to dodge them hoping I wouldn't notice instead, they didn't try any pressure/urgency tactics like scammers often do.
So this news is real.. as far as I can tell they were able to connect my email address to my phone number via a leak from Google. They were trying to escalate that into further access.
I asked where he got my information, and he claimed he pulled it from Github and cross-referenced it with a large public dump.
Let's see, things that bypass the filters:
1. Using <yourgmailaddressfirstpart>@google.com which causes a mail delivery error bot bounce to @gmail.com with the spam/malware content
2. Using thousands of bot created gmail.com accounts because the gmail domain has immediate reputation within gmail
spectraldrift•5mo ago
greatgib•5mo ago
But no, Google had a major leak due to a lack of security on their side. And I have a strong suspicion that they released conflicting info over the past week in order to be fuzzy enough to defuse the blame. The "nothing to see there" while at the same time covering their ass by being able to say that they were transparent about it.
Here is a summary about what happened: https://news.trendmicro.com/2025/08/26/google-data-breach-gm...
There was also an official post in Google blog about that, that conveniently is not easy anymore to find un Google search despite using all the right keywords...
So Google is using Salesforce to manage their Google ad leads and the database of their salesforces instances was breached. And despite the database not holding the passwords or credentials to your account, they have all the details about you, and your interactions with Google if you ever interacted with google ads. Like a few million persons.
And using that, it looks like hackers were able to craft more convincing than real emails looking like coming from Google, to scam people and still their credentials this time.
trod1234•5mo ago
While I'm not familiar with the specific of this particular incident the fact I mention must always be considered.They are quite good at what they do.
For a bit of background checkout the Mandiant ORB Networks talk.
creatonez•5mo ago
immibis•5mo ago