Gmail Data Breaches

In 2016, more than 1 million Google accounts were breached by Gooligan.  Malware roots infected devices and stole authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more. Gooligan is a new variant of the Android malware campaign found researchers in the SnapPea app last year.

In February 2017, A Google researcher has uncovered what may be the most worrying web leak of 2017 so far, possibly exposing passwords, private messages and other sensitive data from a vast number of sites, including major services like Uber, FitBit, and OKCupid.

However, more recently on May 3, 2017, Gmail users were targeted in a sophisticated phishing scam that was seeking to gain access to accounts through a third-party app. The emails were disguised as trusted contact and notified the individual as if they wanted to share a Google Doc with them. Once the individual clicked on the linked, they were sent to Google’s real security page where the person was prompted to allow a fake Google Docs app to manage his or her email account. Google was able to put a stop to the breach within an hour. However, over 1 million users may have been affected.























Fox-Brewster, T. (2017, February 24). Google Just Discovered A Massive Web Leak… And You Might Want To Change All Your Passwords. Retrieved May 20, 2017, from

C. (2017, March 29). More Than 1 Million Google Accounts Breached by Gooligan. Retrieved May 21, 2017, from

2017 Data Breaches – The Worst Breaches, So Far. (2017, May 15). Retrieved May 20, 2017, from