Google Confirms Hackers Stole Customer Data via Salesforce Breach
â–Ľ Summary
– Google confirmed a breach of its Salesforce database, exposing customer information for small and medium-sized businesses.
– The hacking group ShinyHunters (UNC6040) stole basic, largely public business data like names and contact details.
– Google did not disclose the number of affected customers or whether a ransom demand was made.
– ShinyHunters is known for targeting major companies and uses voice phishing to access Salesforce databases.
– The group may be preparing a data leak site and has ties to other cybercriminal groups like The Com.
Google has acknowledged a security incident involving unauthorized access to customer data stored in one of its Salesforce systems. The breach, attributed to the cybercriminal group ShinyHunters (UNC6040), exposed business contact details and other publicly available information belonging to small and medium-sized enterprises. While the company assured users that no sensitive financial or personal data was compromised, it has not disclosed the exact number of affected customers.
In an official statement, Google clarified that the stolen information primarily included business names and contact details, data often already accessible through public channels. A spokesperson declined to provide further details beyond the published blog post, leaving questions unanswered about whether the attackers made any ransom demands.
ShinyHunters has gained notoriety for targeting major corporations, particularly those relying on cloud-based platforms like Salesforce. This incident follows a string of similar breaches affecting high-profile companies, including Cisco, Qantas, and Pandora, as previously reported by cybersecurity outlets. The group allegedly employs voice phishing (vishing) tactics to deceive employees into granting access to critical databases.
Google warned that the hackers may be preparing to launch a data leak site, a common tactic among ransomware groups to pressure victims into paying extortion fees. Investigators have also identified potential links between ShinyHunters and The Com, a broader cybercrime syndicate known for aggressive hacking campaigns involving extortion and network intrusions.
For those seeking additional details or impacted by the breach, secure communication channels remain available for confidential reporting. The situation underscores the growing risks associated with cloud-based data storage and the need for heightened vigilance against social engineering attacks.
This article has been updated to include Google’s official response.
(Source: TechCrunch)
