- Gmail -users could be affected in the Shinyhunters Attack campaign
- Google has warned those that may be vulnerable
- This campaign has targeted a large number of companies
A WARNING from Google has outlined a productive hacking group, Shinyhunters, has geared gmail to attack users. Google’s threat information report reveals that the group gained access to data under a small window that could leave users exposed.
About 2.5 billion users were encouraged to reset their passwords and tighten their security after the contact information from small and medium -sized businesses had access to. The information was publicly available, typically names and contact information, but this still leaves some vulnerable to phishing attacks.
Google has since notified those affected by the incident via E -mail – but those whose data was compromised should be looking for social technology and extortion. These incidents typically involve an E email or call for employees of victim organizations that require large sums of Bitcoin.
Phishing risk
The violation comes from Shinyhunter’s data theft through a company’s Salesforce occurrence, confirmed by the company. Salesforce was targeted by the group that mimicked the company’s staff and contacted IT support services to access.
“In June, one of Google’s company sale -salesforce deposits affected by similar UNC6040 activity described in this post,” said the company, “the data retrieved by the threat actor was limited to basic and largely publicly available business information, such as business names and contact information.”
Shinyhunters is an extremely successful threat group that recently attacks Santander, AT&T and insurance giant Allianz. But Google doesn’t think they’re done yet;
“We believe that threat actors who use the brand ‘Shinyhunters’ can prepare to escalate their extortion tactic by launching a data leakage (DLS), confirms the report.
“These new tactics are probably intended to increase the pressure on the victims, including those associated with the recent UNC6040 Salesforce-related data violations. We continue to monitor this actor and will provide updates as needed.”
