Google warns 2.5 billion users after major data breach
It may sound like something out of a sci-fi crime thriller, but this latest major cyberattack is very real.
Google disclosed that the hacking group ShinyHunters breached a database via the cloud service provider Salesforce, exposing around 2.5 billion Gmail and Google Cloud accounts worldwide to potential compromise, News.Az reports citing the Yahoo News.
Google’s Threat Intelligence Group (GTIG) said it first discovered a breach in June and, by August, became aware of bad actors using “overlapping tactics, techniques, and procedures” to access networks and accounts. Those tactics include social engineering, such as impersonating IT support reps in phone conversations, primarily targeting English-speaking users at multinational companies.
GTIG said the data obtained was “basic and largely publicly available business information” but warned that ShinyHunters “may be preparing to escalate their extortion tactics by launching a data leak site … likely intended to increase pressure on victims.”
In the past, GTIG tracked the group’s actions for months after branches and found their extortion techniques included “calls or emails to employees of the victim organization demanding payment in bitcoin within 72 hours.” The hacker group takes its name from the Pokémon franchise.
Geekspin noted that ShinyHunters has previously hacked the organizations AT&T Wireless, Mashable, Microsoft, Santander, Ticketmaster and Wattpad. Along with extorting their victims, the group also sells stolen databases on the dark web, adding further risk to anyone’s accounts.
Similar news
