March 27, 2026 Google has warned that quantum computers could break widely used encryption systems by 2029, urging organisations to begin migrating to post-quantum cryptography now. The warning reframes quantum risk from a long-term research problem into an active security planning issue, with potential exposure for data being stored today.

In a recent blog post, Google said current encryption “could easily be broken by a large-scale quantum computer in coming years” and confirmed it is already prioritising post-quantum cryptography for authentication systems. The company recommended that other engineering teams follow the same approach.

The concern centres on the eventual development of quantum machines capable of solving the mathematical problems underpinning modern encryption. From secure web traffic to digital signatures, today’s systems rely on computational difficulty that classical computers cannot overcome, but quantum systems are theoretically capable of doing so at scale.

That capability is not yet realised. Existing quantum computers remain early-stage, limited in size and stability, and require highly controlled environments such as near-absolute-zero cooling or complex laser alignment. Building a system with hundreds of thousands or millions of stable qubits – the threshold often associated with breaking encryption – remains a significant engineering challenge.

However, the timeline is compressing enough to change behaviour. While many estimates place cryptographically relevant quantum computers in the 2030s to 2050s, Google’s updated threat model shifts focus toward earlier preparation. The risk is not only future decryption, but current data exposure through “store now, decrypt later” attacks, where encrypted information is harvested today with the expectation it can be decoded once quantum capability matures.

Leonie Mueck, former chief product officer at Riverlane, said intelligence agencies have been preparing for this scenario for years, noting that sensitive data with a lifespan of a decade or more is particularly vulnerable. Governments are already responding: the UK’s National Cyber Security Centre has advised organisations to transition toward quantum-resistant systems by 2035.