Google Reports Customer Data Stolen After Hackers Breach Salesforce Database

Google has confirmed that some customer information was stolen following a recent breach of one of its Salesforce database systems. The compromised system stores contact information and notes for small and medium-sized businesses.

In a blog post released Tuesday, Google’s Threat Intelligence Group revealed that the breach was carried out by a hacking collective known as ShinyHunters, formally designated as UNC6040.

“The data retrieved by the threat actor was confined to basic and largely publicly available business information, such as business names and contact details,” Google said.

Google has not disclosed the exact number of customers affected. A company spokesperson declined to provide further comment beyond the blog post, and it remains unclear if Google has received any ransom demands or other communication from the hackers.

Background on ShinyHunters and Related Breaches

ShinyHunters is known for targeting large companies and their cloud-based Salesforce databases. This incident follows a series of similar breaches affecting major corporations such as Cisco, Qantas Airlines, and retail chain Pandora.

According to Google, ShinyHunters uses voice phishing techniques to deceive company employees into granting access to Salesforce databases hosted on the cloud.

Google indicated that ShinyHunters is likely preparing a data leak site, a common tactic among ransomware gangs to pressure victims into paying ransoms by publishing stolen data. The group reportedly overlaps with other cybercriminal organizations, including The Com, known for hacking, extortion, and sometimes threats of violence.

Featured image credit: Kevin Ku via Pexels

For more stories like it, click the +Follow button at the top of this page to follow us.