Google has alerted users about a data breach incident involving the prolific hacking group 'ShinyHunters.' According to Google's Threat Intelligence Report, the group accessed data during a brief window of vulnerability linked to a Salesforce data breach.Approximately 2.5 billion Gmail users are urged to reset their passwords and enhance account security. The breach primarily exposed publicly available business contact information, such as names and contact details, which nonetheless raises the risk of phishing attacks.
Google has directly notified affected users by email, cautioning them to remain vigilant against social engineering and extortion schemes. These often involve attackers contacting employees of targeted organizations to demand ransom payments, frequently in bitcoin.
The breach was traced to ShinyHunters exploiting Google's corporate Salesforce instance by impersonating staff and gaining unauthorized access to IT support services.
ShinyHunters has a history of successful attacks targeting notable companies such as Santander, AT&T, and insurance giant Allianz Life. Google suspects that the group may escalate their tactics by launching a dedicated data leak site.
Google remains vigilant, monitoring this threat actor closely and promises to provide updates as new developments arise.
Phishing risk
The exposure of contact details through the Salesforce breach increases the risk of targeted phishing attacks on businesses and their employees. Users are advised to strengthen their security practices and be wary of suspicious communications.What you can do
- Reset your Gmail password immediately and ensure it's strong and unique.
- Enable two-factor authentication (2FA) on your Google account for added protection.
- Be cautious of unsolicited emails or calls asking for sensitive information or payment.
- Stay updated on Google's official communications and security advisories.
- Use reputable security software to protect your devices from malware.
Original article: Google warns that billions of Gmail accounts could be vulnerable after data breach.