Google Confirms Data Stolen in Breach by Known Hacker Group

Outdated 911 system needs an update to prevent cyberattack, expert warns Fox News Digital spoke with APCO International Executive Director and CEO Mel Maier on the need to invest in Next Generation 911.

When a hospital or nonprofit falls victim to a cyberattack, it's hard to place blame. Cybersecurity isn't their strength, and many lack the budget for a dedicated security team, let alone a chief technology officer. But when a tech giant like Google experiences a data breach, it raises serious questions. Is data security slipping down the company's priority list? Or are today's cybercriminals so advanced that even Google's top engineers are struggling to keep up?

What Happened at Google

Google recently confirmed that hackers stole customer data by breaching one of its internal databases. The breach targeted a system that used Salesforce, a popular cloud-based platform companies use to manage customer relationships, store business contact information and track interactions.

The attack has been linked to a known threat group. According to Google's Threat Intelligence Group, the attackers relied on voice phishing, or "vishing," impersonating company employees in phone calls to IT support and persuading them to reset login credentials. This technique has proven effective against multiple organizations in recent months.

The breach was carried out by ShinyHunters, a well-known cybercriminal group formally tracked as UNC6040. The group has recently been linked to a string of high-profile incidents involving companies such as AT&T, Ticketmaster, Allianz Life and Pandora. In this case, the attackers targeted Google's corporate Salesforce system, which the company uses to store contact information and notes about small and medium-sized businesses.

The Stolen Data

Google did not specify how many customers were affected by the breach. When asked for further details, a company spokesperson pointed CyberGuy back to the blog post and declined to elaborate.

It is also unclear whether Google has received any sort of ransom demand from the group. Cisco, Qantas and Pandora have all reported similar breaches in recent months, which now appear to be part of a broader campaign targeting cloud-based customer relationship management tools.

Ransomware Gangs and Public Leak Sites

In its blog post, Google warned that ShinyHunters may be preparing a public leak site. Ransomware gangs often use this tactic to extort companies, threatening to publish stolen data.

The group reportedly shares infrastructure and personnel with other cybercriminal collectives, including The Com, which runs extortion campaigns and has, in some cases, issued threats of physical violence.

Staying Safe from Voice Phishing and Social Engineering Attacks

While organizations like Google may be prime targets, individuals are often the weakest link that attackers exploit. But with a few smart practices, you can dramatically reduce your risk.

Tip #1: Never Share Login Credentials Over the Phone

No legitimate IT team will ever ask you to share your password or 2FA codes over the phone. If someone does, it's a major red flag. If someone claims to be from your company's IT department or a service provider, hang up and call back using an official number.

Tip #1: Never Share Login Credentials Over the Phone
No legitimate IT team will ever ask you to share your password or 2FA codes over the phone. If someone does, it's a major red flag. If someone claims to be from your company's IT department or a service provider, hang up and call back using an official number.

Tip #2: Beware of Phishing Links Too

Phishing emails and messages often include links that take you to fake websites designed to steal your login credentials or personal information. These messages usually create a sense of urgency, asking you to verify an account, reset a password or claim a reward.

Tip #2: Beware of Phishing Links Too
Phishing emails and messages often include links that take you to fake websites designed to steal your login credentials or personal information. These messages usually create a sense of urgency, asking you to verify an account, reset a password or claim a reward.

Tip #3: Use a Data Removal Service

9 Ways to Stay Safe from Voice Phishing and Social Engineering Attacks

Here are 7 more ways to stay safe from voice phishing and social engineering attacks:

Tip #4: Keep Your Software and Browsers Up to Date

Tip #5: Use a Password Manager with Phishing Detection

A good password manager doesn't just store strong, unique passwords; it can also alert you if you're on a suspicious site. If your password manager refuses to autofill your login, it could mean the site is fake.

Tip #5: Use a Password Manager with Phishing Detection
A good password manager doesn't just store strong, unique passwords; it can also alert you if you're on a suspicious site. If your password manager refuses to autofill your login, it could mean the site is fake.

Tip #6: Monitor Your Accounts for Unusual Activity

If you suspect a breach, watch your accounts for unauthorized logins, password reset emails or other suspicious behavior. Set up alerts when possible.

Tip #6: Monitor Your Accounts for Unusual Activity
If you suspect a breach, watch your accounts for unauthorized logins, password reset emails or other suspicious behavior. Set up alerts when possible.

Conclusion

The Google data breach highlights a persistent vulnerability in corporate systems: people. ShinyHunters seems to be getting more effective at exploiting that weakness. What's even more concerning is the rise of vishing, also known as voice phishing.

We need to stay vigilant and take proactive steps to protect ourselves from these types of attacks. By following smart practices like those outlined above, you can dramatically reduce your risk.

HACKER_BLOG

GOOGLE CONFIRMS DATA STOLEN IN BREACH BY KNOWN HACKER GROUP