- Google addressed the recent allegations of a major vulnerability to Gmail
- The company denies such complaints, says they are “completely false”
- Some Google Workspace accounts have been compromised in recent sales attacks
Recent reports from a major security problem affecting Gmail are “completely false,” said Google.
In a blog article, the company said it wanted to reassure its users that Gmail protections are “strong and effective”.
“Several inaccurate affirmations have surfaced recently which wrongly indicated that we had issued a large warning to all Gmail users about a major security problem of Gmail. This is entirely false,” said the ad.
Compromise of the workspace
Although Google has not explicitly mentioned which claim to be addressed, some of its services had been linked to the recent attack by Drift Salesloft.
The workflow platform returned from Salesloft has recently undergone a cyber attack that saw the threat actors enter a third party and steal sensitive information.
The company uses Drift, a marketing and conversational sales platform that uses live chat, chatbots and AI, to hire visitors in real time, alongside its own fan, a third-party platform that links the AI Drift Chat features to Salesforce, synchronizing conversations, prospects and cases, in CRM via the Saleloft ecosystem.
From August 8, and duration of ten days, the opponents managed to steal oauth tokens and update Salesdrift, pivoting customer environments and successfully exfiltrating sensitive data.
Google then warned that certain workspace accounts, as well as Salesforce bodies, may also have been compromised during the attack. This led to reports that interpret it badly to be compromised Gmail, which, as Google has now confirmed, is not the case.
“Although this is always the case that phishers are looking for means to infiltrate reception boxes, our protections continue to block more than 99.9% of phishing and malware attempts by reaching users,” added Google.
“Safety is such an important element for all companies, all customers, all users – we take this work incredibly seriously. Our teams invest strongly, constantly innovate and clearly communicate on the risks and protections that we have in place. It is crucial that the conversation in this space is exact and factual. ”
