Google says hackers breached one of its databases
Add Axios as your preferred source to
see more of our stories on Google.
Photo: Thomas Fuller/SOPA Images/LightRocket via Getty Images.
Google said that a cybercriminal hacking group broke into one of its own Salesforce database systems that stored information about small and medium-sized businesses.
Why it matters: Even Google isn't completely resilient against the wave of social engineering attacks targeting major businesses this year.
Driving the news: In a blog post late Tuesday, Google said that a group commonly known as ShinyHunters had broken into the database, which stored contact information and "related notes for small and medium businesses."
- The hackers had access to the database for "a small window of time before the access was cut off," Google added, and they mostly made off with information that was "basic and largely publicly available business information."
The big picture: ShinyHunters is a cybercriminal group known for breaking into organizations via social engineering.
- In most schemes, they'll impersonate a company's IT support desk using voice phishing techniques and trick an employee into resetting their password.
- ShinyHunters also tricks these employees into authorizing the installation of a malicious application onto their systems that the hackers then use to access and exfiltrate sensitive information.
- After ShinyHunters extracts the data, they will call or email employees — often months after the fact — and demand a ransom payment to prevent the publication of the stolen information.
Catch up quick: So far this year, ShinyHunters has been linked to a series of data breaches at Australian airline Qantas, insurer Allianz Life, Louis Vuitton and Adidas.
- Each of those breaches involved compromised Salesforce systems and social engineering.
What to watch: It is unclear if Google faced a ransom demand for the stolen data.
