Google reported a security incident involving unauthorized access to a limited set of data, including company names, phone numbers, and internal notes from a business Salesforce instance. The breach was brief and did not impact other Google systems like Ads, Merchant Center, or Google Analytics. Following the incident, security teams conducted investigations and implemented additional measures. The attack was linked to ShinyHunters, known for exploiting social engineering tactics. Famous organizations experienced similar breaches, often leading to financial exploitation through phishing or fraud.
The incident involved unauthorized access to a limited set of data from a Google business Salesforce instance including company names, phone numbers, and internal notes.
ShinyHunters attacked using social engineering tactics, deceiving employees over the phone to link a malicious application to Salesforce, facilitating data export.
No Google Ads data, Merchant Center, Google Analytics, or payment information was impacted. Security teams have since investigated and implemented additional measures.
High-profile victims of ShinyHunters include Air France-KLM, Cisco, LVMH, and Adidas, highlighting vulnerabilities in CRM systems due to human error.
Collection
[
|
...
]