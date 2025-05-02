The Gmail email service on a laptop screen. Photo: Unsplash

On World Password Day, May 1, Google warned Gmail users that hackers are breaking into mailboxes on a massive scale. The victims have only seven days to regain control of their accounts, even if the attackers have changed the backup number or email address.

Google gives you a week to regain control of your account

Journalist and cybersecurity veteran Davey Winder reminds us that password protection should be a priority every day, not just once a year. But while we haven't fully switched to more secure passkeys, Gmail remains a hotspot for hackers who are hunting for Google account data.

Winder regularly receives requests from people who have been locked out by hackers who have changed their password, two-factor authentication, and all contact details to recover them. AI-fuelled attacks on Gmail are becoming increasingly sophisticated, but Google is introducing countermeasures and offering a clear procedure for regaining access.

If a user added a backup phone number or address before the attack, they have exactly seven days to use the original recovery data, even if the hacker changed it.

"We recommend all users to set up a recovery phone as well as a recovery email on their account. Our automated account recovery process allows a user to use their original recovery factors for up to 7 days after it changes," Gmail spokesperson Ross Richendrfer explains.

Such insurance can be compared to a seatbelt: it won't prevent an accident, but it gives you a chance to escape. A much more effective "seatbelt" is to switch to phishing-free passkeys, which significantly reduce the likelihood of successful hacking.

For users who have already been blocked, Google advises them to follow the guide "How to recover a Google or Gmail account", which describes step-by-step actions in case of hacking. If you act promptly — within a week — the chance of getting your Gmail back remains high, even if the hacker has tried to block all escape routes.

