News

Google suffers a serious data breach at the hands of a ransomware group

News Room
News Room
There has been a data breach involving one of Google’s corporate databases, and data was obtained by the hackers. This was confirmed on August 5th by the Google Threat Intelligence Group (GTIG), which posted that the group responsible for the data breach had a connection to the ShinyHunters ransomware group. Google noted that the data stolen was “basic and largely publicly available business information, such as business names and contact details.” 

Google’s Threat Intelligence Group reported on a data breach that ended up affecting Google itself

The MO of the ShinyHunters group makes the breach concerning. The ransomware group typically uses emails and phone calls to extort its victims, no later than three days after the targeted files have been compromised. Back in June, Google said that it “observed” the ShinyHunters group attacking multi-national companies to steal data from these firms’ Salesforce platforms. Salesforce offers cloud-based services to help companies manage their relationships with customers, also known as Customer Relations Management (CRM).

GTIG said that the attacks targeted English-speaking employees working for Salesforce clients and used voice phishing to trick the employee into connecting a modified version of Salesforce’s Data Loader application. The aforementioned English-speaking employees received phone calls from someone claiming to be IT support personnel, telling the targeted employee to accept a connection to the client application known as Salesforce Data Loader. 

As its name suggests, this is a key tool used by administrators and developers at Salesforce looking to import, export, update, or delete a large amount of data.  Because the organizations being targeted by the attackers are Salesforce clients and use its CRM platform, the request from the bad actors to install the Data Loader doesn’t appear to be unusual. To connect the victim with the attackers, the latter persuades the victim on the phone to open the Salesforce Connect setup page and enter an 8-digit connection code. This connects the victim to the attacker.

Google itself became a victim of this attack in June when one of its Salesforce CRM installations was breached and customer data stolen. Bleeping Computer spoke with ShinyHunters this past Wednesday and was told that it breached several Salesforce instances, including one related to a trillion-dollar company. The threat actor said that it might decide to just leak the data from that company instead of using it to extort the firm. It is not known for sure whether that company is Google, even though the description fits.

Other companies being attacked are extorted through email, with the threat actor demanding that they pay a ransom in order to keep the data from getting publicly leaked.

Google has been getting hit from all sides lately

The CEO of Closed Door Security, William Wright, said, “The news that Google has suffered a data breach in the recent wave of attacks executed by ShinyHunters highlights that no organization is immune to cybercrime. It doesn’t matter if you are a small business or one of the world’s leading technology firms, all organizations are vulnerable.”

For Google, having to deal with a data breach that seeks to extort money from the search giant is just another hassle that the company has had to deal with lately. At the end of last month, the Ninth Circuit Court of Appeals ruled against Google’s appeal thus upholding a jury verdict that called Google’s Play Store app storefront  an illegal monopoly. Additionally, the company is faced with the possibility of losing its search monopoly through the U.S. courts and also through the progression of technology.

With AI becoming more accessible through free apps and websites, many are turning to ChatGPT, Gemini, and other AI apps to get more detailed responses than those available from Google Search which is the leading search engine in the world with a market share approaching 90%.

Unlimited by Mint Mobile at $15/mo

Get 50% off – try it for 3 months today!

We may earn a commission if you make a purchase


Check Out The Offer

Read the latest from Alan Friedman

Share This Article
Previous Article You Don't Need iOS 26 to Get This Dreamy Wallpaper on Your iPhone Now
Next Article OnePlus offers a refund for OnePlus 12R 256GB phone after inaccurate UFS 4.0 claim · TechNode
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Stay Connected

Latest News

Today's NYT Strands Hints, Answer and Help for Aug. 9 #524 – CNET
News
7 Key Benefits of Using Blue Yonder Warehouse Management for Modern Supply Chains
Gadget
iFlytek chair delivers confident speech to employees despite projected net profit fall of over 70% for 2023 · TechNode
Computing
Starlink Nabs Federal Broadband Funds, But Fiber Is Still the Big Winner
News
Lost your password?