From PC Mag: In a bit of irony, Google has been hacked by the "ShinyHunter" gang—weeks after it warned that the group was on a hacking spree.
The group accessed a Google corporate account with Salesforce, which supplies customer relationship management services. However, the breach seems to be isolated to small and medium businesses rather than everyday internet users.
“The [Salesforce] instance was used to store contact information and related notes for small and medium businesses,” Google says. "The data retrieved by the threat actor was confined to basic and largely publicly available business information, such as business names and contact details.”
In addition, the hackers were only able to access the data “during a small window of time before the access was cut off," according to Google.
The company hasn’t provided more details, including the number of affected businesses. But ShinyHunters likely pulled off the breach through “voice phishing,” which involves a hacker pretending to be a customer support agent and tricking the victim into handing over a password or installing a malicious application.
View: Full Article