Google warns billions of Gmail users after a data breach by ShinyHunters
ShinyHunters breached a Google Salesforce instance, potentially impacting billions of Gmail accounts. While the stolen data primarily consisted of business contact information, it could fuel phishing and extortion attempts. Google is urging affect...
By Muskan Singh, Global Desk | Updated:
महाराष्ट्र टाइम्स.कॉम
Google has said that billions of Gmail accounts may be at risk after a targeted data breach. The hacking group ShinyHunters has been linked to the attack, which accessed information through a Salesforce instance. Myriads of Gmail users are affected and are being told to take necessary steps to curb the impact.
The Threat Intelligence Report from Google says that ShinyHunters used a corporate Salesforce instance. The group pretended to be employees to trick IT support services into giving them business contact information. Even though most of the data was public, like company names and contact information, it could still be used for phishing attacks, as quoted in a report by Techradar.
“In June, one of Google’s corporate Salesforce instances was impacted by similar UNC6040 activity described in this post,” adding “the data retrieved by the threat actor was confined to basic and largely publicly,” the company said, as per a report by Techradar.
ALSO READ: Ryan Reynolds sparks split rumors after Blake Lively birthday snub, Instagram wipeout
The breach affected small and medium-sized businesses, allowing hackers to get to information like business names and contact lists. Google stated that although the stolen data did not contain private or financial information, it could still make businesses more vulnerable to social engineering and extortion.
Google thinks the group might not stop here. The company warned that ShinyHunters could soon step up their extortion efforts by creating a separate site for data leaks, which would put more pressure on victims to pay. This follows the group's role in well-known breaches at Allianz, AT&T, and Santander.
Google has already sent emails to those who were affected, telling them to improve their security right away. About 2.5 billion Gmail users were told to change their passwords. The big tech company said it is still keeping an eye on ShinyHunters' activities and will let people know about any new developments.
FAQs
Who is responsible for the breach of Gmail data?
The group of hackers known as ShinyHunters has been named as the ones responsible.
What should people who use Gmail do now?
Change your passwords and be on the lookout for phishing or extortion attempts.
How did ShinyHunters gain access?
The Threat Intelligence Report from Google says that ShinyHunters used a corporate Salesforce instance. The group pretended to be employees to trick IT support services into giving them business contact information. Even though most of the data was public, like company names and contact information, it could still be used for phishing attacks, as quoted in a report by Techradar.
“In June, one of Google’s corporate Salesforce instances was impacted by similar UNC6040 activity described in this post,” adding “the data retrieved by the threat actor was confined to basic and largely publicly,” the company said, as per a report by Techradar.
ALSO READ: Ryan Reynolds sparks split rumors after Blake Lively birthday snub, Instagram wipeout
ADVERTISEMENT
What data was made public?
The breach affected small and medium-sized businesses, allowing hackers to get to information like business names and contact lists. Google stated that although the stolen data did not contain private or financial information, it could still make businesses more vulnerable to social engineering and extortion.
Could ShinyHunters step up their attacks?
Google thinks the group might not stop here. The company warned that ShinyHunters could soon step up their extortion efforts by creating a separate site for data leaks, which would put more pressure on victims to pay. This follows the group's role in well-known breaches at Allianz, AT&T, and Santander.
ADVERTISEMENT
What is Google doing right now?
Google has already sent emails to those who were affected, telling them to improve their security right away. About 2.5 billion Gmail users were told to change their passwords. The big tech company said it is still keeping an eye on ShinyHunters' activities and will let people know about any new developments.
ADVERTISEMENT
“We believe threat actors using the 'ShinyHunters' brand may be preparing to escalate their extortion tactics by launching a data leak site (DLS).” “These new tactics are likely intended to increase pressure on victims, including those associated with the recent UNC6040 Salesforce-related data breaches. We continue to monitor this actor and will provide updates as appropriate,” the report confirms, as quoted in a report by Techradar.FAQs
Who is responsible for the breach of Gmail data?
The group of hackers known as ShinyHunters has been named as the ones responsible.
What should people who use Gmail do now?
Change your passwords and be on the lookout for phishing or extortion attempts.
Download
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
The Economic Times Business News App for the Latest News in Business, Sensex, Stock Market Updates & More.
Download
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
The Economic Times News App for Quarterly Results, Latest News in ITR, Business, Share Market, Live Sensex News & More.
ADVERTISEMENT
