- Google has confirmed the suffering of a data violation
- The attack was carried out by Shinyhunters, once again hijacking systems
- The group apparently has Snow into a Salesforce –
Cyber criminals known as Shinyhunters (UNC6040) recently broke into Google and stole business customer information from one of its company’s Salesforce deposits, the company has confirmed.
In a blog post that broke the Shiny Hunters’ Modus Operandi, the company played something of the importance of the incident and noted that Miscreants did not really grab anything sensitive or of special value.
“In June, one of Google’s company sale -salesforce deposits affected by similar UNC6040 activity described in this post,” said the company, “the data retrieved by the threat actor was limited to basic and largely publicly available business information, such as business names and contact information.”
“Publicly available Business Information”
Shinyhunters is a threat actor who is targeting the corporate Salesforce deposits by mimicking the company’s staff and calling it support on the phone.
During the call, they tell the IT technician that they lost access to their work platform and manage to convince them to change the login credentials.
While it may sound trivial, the technique seems to be working pretty well, as several organizations have recently reported to lose sensitive data to the same group in the same way.
Google did not say how many companies were affected by the violation and refused to comment further. We do not know if Shinyhunters reached out with a ransom -promotion in exchange for ruining the stolen files.
Currently, Shinyhunters is one of the most active threat actors and probably among the most successful.
In recent weeks, the group managed to break into both Pandora and insurance giant Allianz Life and has also taken credit for violations at AT&T, Santander, Ticketmaster and many others.
The group does not implement an encryption and is rather just focused on data ex-filtration, making it one of several ransomware groups that have recently turned away from files encryption, a process that is apparently expensive and time-consuming.
Via Techcrunch
