EPISODE: 190 – The Great Google Ads Hack of 2025
December 16th, Shop Marketing Pros’ Google Ads MCC was hacked, and what should’ve been a quick fix turned into an eight-day nightmare of lost access, fraudulent campaigns, and even attempted $500,000 account “preload” charges. Brian Walker and Hallie Wasinger lay out the full timeline (warts and all): what the hackers changed, why leaving them “view-only” mattered, how Google support handled it, and what it took to restore and stabilize dozens of client accounts. If you run Google Ads (or hire someone who does), listen all the way through for the hard-earned security upgrades and practical steps to protect your MCC and your shop’s payment methods.
Timestamps
Podcast Introduction (00:00:00) Brief intro to the podcast, hosts, and episode topic.
The Google Ads Hack Begins (00:02:20) Timeline and discovery of the hack on December 16th, 2024, at around 2:30 AM.
Immediate Response and MCC Explanation (00:03:11) How the hack was discovered, initial response, and what a Google Ads MCC is.
How the Hack Happened (00:05:39) Discussion of phishing, weak Google 2FA, and how hackers gained access.
Scope of the Breach (00:06:47) Number of affected accounts, types of accounts, and initial impact.
Contacting Google and Early Damage (00:07:29) Brian contacts Google by 4:50 AM; minimal damage at this stage.
How Hackers Maintained Access (00:10:15) Hackers downgrade admin access to view-only, allowing continued monitoring.
Timeline to Regain Access (00:11:16) Hack occurred December 16th; access restored December 23rd after eight days.
Tracking the Hackers’ Actions (00:12:15) Team tracks every change made by hackers during the eight days.
Hackers’ Motives and Ad Spend (00:14:48) Hackers run fake medical device ads, spend about $15,000, and attempt large charges.
Massive Unauthorized Charges (00:17:16) Multiple $500,000 and $50,000 charges attempted; client reactions and reversals.
Client Communication and Stress (00:20:04) Notifying clients, handling overdrawn accounts, and emotional impact.
Controlling What They Could (00:22:02) Accepting limited control, focusing on communication and tracking.
Escalating to Authorities and Senators (00:22:48) Filing complaints with FBI, DHS, and contacting senators for help.
Disconnecting LSA Accounts (00:24:35) Quickly disconnecting Local Services Ads to limit further damage.
Impact on Client Businesses (00:26:21) Ad downtime affects client lead flow and business operations.
Other Agencies Hacked & Security Changes (00:27:25) Similar hacks in the industry; tightening security after a competitor’s hack in November.
Regaining Access and Google’s Restoration (00:30:50) Google restores access on December 23rd, but hackers remain as view-only users.
Restoring Client Accounts (00:33:14) Manually removing hackers, restoring admin access, and turning ads back on.
Ongoing Issues After Restoration (00:34:48) Continued problems with account suspensions, payment issues, and policy violations.
Senators’ Involvement and Google Support Loops (00:34:48) Senators help escalate with Google; difficulties reaching Google support.
Google’s Account Suspension Process (00:38:38) MCC suspension fails to stop hackers; sub-account suspensions more effective.
Restoring Payment Methods and Account Suspensions (00:39:55) Clients must update payment methods; some accounts face new suspensions.
Policy Violations and Remaining Issues (00:41:00) Circumventing policy violations and destination errors persist for some accounts.
Lessons Learned and Client Impact (00:44:10) Working with clients on compensation; varying levels of impact.
Security Improvements Implemented (00:46:14) Switching to hardware keys, unique admin emails, and stricter access controls.
Moving Client Budgets to Agency Cards (00:49:27) Agency now pays ad budgets, clients reimburse; logistical and security benefits.
Advice for Other Shops and Agencies (00:52:18) Recommendations: use dedicated cards, review account access, and enable strong 2FA.
Google’s Needed Changes (00:54:56) Call for Google to add super-admin roles and better user management.
Conclusion and Final Thoughts (00:56:32) Reflecting on the experience, ongoing recovery, and closing the episode.
How To Get In Touch
Join The Auto Repair Marketing Mastermind Group on Facebook
Meet The Pros
Follow SMP on Facebook
Follow SMP on Instagram
Get The Ultimate Guide to Auto Repair Shop Marketing Book
Email Us Podcast Questions or Topics
Lagniappe (Books, Links, Other Podcasts, etc)
Automotive Repair Podcast Network
