How the phishing attacks work Initial reports of attempted attacks have already been seen on Reddit, which are likely related to the data leak. Users describe how alleged Google employees have contacted them by phone to inform them of a security breach in their accounts. In these scam attempts, attackers are trying to take over Gmail accounts by triggering alleged “account resets” and then intercepting passwords to subsequently lock out the account holders. Another attack method involves “dangling buckets” (i.e., outdated access addresses) to steal data from or inject malware into Google Cloud. Both methods are extremely dangerous and currently threaten Gmail and Google Cloud users in particular, around 2.5 billion people worldwide. In theory, companies are of particular interest to hackers, but private individuals can also easily be targeted.