$50 off refurb iPad Pro 11" – use SCHOOL50

Google suffers a serious data breach at the hands of a ransomware group

The bad actors are using voice phishing to pull off their malicious attacks.

By
0comments
Google News Follow
Follow us on Google News
Google
The Google "G" logo is shown on the display of an Android phone.
There has been a data breach involving one of Google's corporate databases, and data was obtained by the hackers. This was confirmed on August 5th by the Google Threat Intelligence Group (GTIG), which posted that the group responsible for the data breach had a connection to the ShinyHunters ransomware group. Google noted that the data stolen was "basic and largely publicly available business information, such as business names and contact details." 

Google's Threat Intelligence Group reported on a data breach that ended up affecting Google itself


The MO of the ShinyHunters group makes the breach concerning. The ransomware group typically uses emails and phone calls to extort its victims, no later than three days after the targeted files have been compromised. Back in June, Google said that it "observed" the ShinyHunters group attacking multi-national companies to steal data from these firms' Salesforce platforms. Salesforce offers cloud-based services to help companies manage their relationships with customers, also known as Customer Relations Management (CRM).

Part of the Salesforce client that is used by the attackets to forge a connection with victims.
The bogus Data Loader requested an eight-digit code that connected the victim to the attacker. | Image credit-Google

GTIG said that the attacks targeted English-speaking employees working for Salesforce clients and used voice phishing to trick the employee into connecting a modified version of Salesforce's Data Loader application. The aforementioned English-speaking employees received phone calls from someone claiming to be IT support personnel, telling the targeted employee to accept a connection to the client application known as Salesforce Data Loader. 

As its name suggests, this is a key tool used by administrators and developers at Salesforce looking to import, export, update, or delete a large amount of data.  Because the organizations being targeted by the attackers are Salesforce clients and use its CRM platform, the request from the bad actors to install the Data Loader doesn't appear to be unusual. To connect the victim with the attackers, the latter persuades the victim on the phone to open the Salesforce Connect setup page and enter an 8-digit connection code. This connects the victim to the attacker.

Are attacks like this more prevalent than we know?

Vote View Result

Google itself became a victim of this attack in June when one of its Salesforce CRM installations was breached and customer data stolen. Bleeping Computer spoke with ShinyHunters this past Wednesday and was told that it breached several Salesforce instances, including one related to a trillion-dollar company. The threat actor said that it might decide to just leak the data from that company instead of using it to extort the firm. It is not known for sure whether that company is Google, even though the description fits.

Other companies being attacked are extorted through email, with the threat actor demanding that they pay a ransom in order to keep the data from getting publicly leaked.

Google has been getting hit from all sides lately


The CEO of Closed Door Security, William Wright, said, "The news that Google has suffered a data breach in the recent wave of attacks executed by ShinyHunters highlights that no organization is immune to cybercrime. It doesn’t matter if you are a small business or one of the world’s leading technology firms, all organizations are vulnerable."

For Google, having to deal with a data breach that seeks to extort money from the search giant is just another hassle that the company has had to deal with lately. At the end of last month, the Ninth Circuit Court of Appeals ruled against Google's appeal thus upholding a jury verdict that called Google's Play Store app storefront  an illegal monopoly. Additionally, the company is faced with the possibility of losing its search monopoly through the U.S. courts and also through the progression of technology.

With AI becoming more accessible through free apps and websites, many are turning to ChatGPT, Gemini, and other AI apps to get more detailed responses than those available from Google Search which is the leading search engine in the world with a market share approaching 90%.

Unlimited by Mint Mobile at $15/mo

Get 50% off – try it for 3 months today!


We may earn a commission if you make a purchase

Check Out The Offer
https://m-cdn.phonearena.com/images/users/39-200/Alan-F.webp
Alan Friedman Senior News Writer
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.
Read the latest from Alan Friedman
Loading Comments...

Latest Discussions

You Tube Video speed control suddenly inoperable-New Android Phone

by Aquarian4u • 2

Do you use a screen protector? Make your case!

by Abdullah Asim • 8

Military verification

by mjyoung • 3
Start Discussion View All

Recommended Stories

Popular stories

Verizon is sending an email that no customer wants to receive
Verizon is sending an email that no customer wants to receive
Three T-Mobile plans now offer more value than before
Three T-Mobile plans now offer more value than before
It’s no joke, Verizon customers are really leaving after losing their discounts
It’s no joke, Verizon customers are really leaving after losing their discounts
I was charging my OnePlus 13 all wrong, and it was degrading my battery — here’s what you need to know [UPDATED]
I was charging my OnePlus 13 all wrong, and it was degrading my battery — here’s what you need to know [UPDATED]
Android Auto’s new look is here, but not everyone’s on board
Android Auto’s new look is here, but not everyone’s on board
T-Mobile has silently enabled a new feature for Samsung and Motorola users
T-Mobile has silently enabled a new feature for Samsung and Motorola users

Latest News

Verizon is scrambling to win back trust of customers
Verizon is scrambling to win back trust of customers
Get rid of your digital assistant now and replace it with this app
Get rid of your digital assistant now and replace it with this app
Samsung’s browser adds AI option to keep your tabs under control
Samsung’s browser adds AI option to keep your tabs under control
Pixel Tablet owners can finally get Google's unreleased stylus
Pixel Tablet owners can finally get Google's unreleased stylus
T-Mobile 5G internet now suffers from the same curse as voice and tablet lines
T-Mobile 5G internet now suffers from the same curse as voice and tablet lines
The budget Galaxy Tab A11 shows up in first real-life photo ahead of launch
The budget Galaxy Tab A11 shows up in first real-life photo ahead of launch
FCC OKs Cingular\'s purchase of AT&T Wireless