Google has confirmed that some business customer info has been stolen after hackers breached one of its Salesforce databases. The culprit? A well-known cyber gang called ShinyHunters, who never tire of poking around other people’s cloud data.
In a blog post released late Tuesday, Google’s Threat Intelligence Group explained that the breach involved a database used to store contact info and notes for small and mid-sized businesses, the kind of stuff that makes it easier to pitch, follow up, and close a sale. But unfortunately, it also makes that info a goldmine for hackers.
Google insists that the stolen data was mostly basic and publicly accessible, like business names, emails, and phone numbers. Still, for a company that runs half the internet, any breach raises red flags. So far, Google hasn’t revealed how many people were affected or if the hackers have demanded a ransom.
Related: Cisco Breach Exposes User Data After Voice Phishing Attack
ShinyHunters, aka UNC6040, is not exactly new to this game. They are infamous for going after big-name companies and their cloud platforms. Think: Cisco, Qantas, Pandora, all previously hit in similar attacks tied to Salesforce systems. According to Google, the group often uses voice phishing (aka “vishing”) to trick employees into handing over access credentials.
And there is likely more trouble ahead. Google suspects ShinyHunters is setting up a data leak site, the digital equivalent of airing your dirty laundry, which ransomware groups often use to pressure companies into paying up.
Worse still, this group might be teaming up with others like “The Com,” a shady cybercrime crew known for mixing hacking with extortion, and sometimes even threats of violence. Even tech giants like Google aren’t immune to crafty cybercriminals. As cloud systems become the norm, so do sophisticated social engineering tactics. If your business relies on platforms like Salesforce, maybe it’s time to double-check who has access and how easily they could be tricked.
