Google Data Breach
Google Employee Data Breach (2025): 2.6M Records Including Phone & Home Address
Multinational technology company specializing in internet services.
Risk Interpretation
Extremely high risk due to breadth and centrality. Exposure can enable account takeover, identity linkage, profiling, phishing, and downstream compromise across many connected services and organizations.
Impact & Downstream Threats
Google appeared on the Scattered LAPSUS$ Hunters dark web leak site in October 2025 as part of the Salesforce campaign, with the exposed data specifically characterized as Google AdSense employee records — email addresses, phone numbers, and home addresses for approximately 2.5 million individuals — rather than general consumer data. The nature of the exposure as employee and contractor data connected to an advertising division makes this a workforce privacy incident rather than a consumer breac
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat Vectors
Breach Intelligence
Executive Summary
Google's internal advertising division was caught up in a supply chain attack targeting Salesforce in 2025. A threat group calling itself "Scattered LAPSUS$ Hunters" claimed responsibility, releasing a sample of stolen data on October 3, 2025, with the full dataset reportedly scheduled for release on October 10. The records, described by the attackers as Google AdSense employee and contractor data, affected approximately 2.6 million individuals. Salesforce attributed the campaign to vulnerabilities in customer-side integrations rather than its core platform. The exposed data includes email addresses, phone numbers, and home addresses. Because this is workforce data rather than consumer data, the people most directly at risk are Google employees and contractors connected to its advertising operations. That combination of contact details is enough to enable targeted phishing, social engineering, and identity-based fraud against those individuals. Google has not issued detailed public statements about this specific exposure. No regulatory actions or breach notifications have been publicly confirmed at this time. Affected individuals face a credible risk of phishing attempts and impersonation, particularly through email and phone. Anyone who believes they may be included should be alert to unsolicited contact and consider monitoring their accounts for unusual activity.
About Google
Google is a multinational technology company and subsidiary of Alphabet Inc., operating the world's dominant search engine alongside a broad portfolio of products including Gmail, Google Maps, YouTube, Google Cloud, Android, and the Chrome browser. Headquartered in Mountain View, California, and publicly traded on Nasdaq, Google is one of the largest companies by market capitalization globally and generates the majority of its revenue through digital advertising.
Why They Hold Your Data
Large platform ecosystems collect user identity, emails, phone numbers, authentication data, device identifiers, search and service activity, advertising signals, cloud account records, and support interactions across consumer and enterprise services.
Recent Developments
Google has been aggressively investing in and deploying AI across its product suite, most visibly through Gemini — its large language model — integrated into Search, Workspace, and Android. The company faces sustained antitrust proceedings in the United States and Europe, including a 2024 federal court ruling finding it had illegally maintained a monopoly in search. Google has continued expanding its cloud computing business as a strategic growth priority.
Data Points Exposed
Exposure Categories
Canonical Fields
email_address, phone_number, physical_address:home
Dark Web Verification
- Dataset containing ~2.6M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: google-salesforce-2025
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Google
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam