Google Confirms Salesforce Hack by ShinyHunters: Data Stolen in Vishing Attack

Описание: Google has confirmed a security breach targeting its Salesforce CRM instance, carried out by the notorious ShinyHunters cybercriminal group. The attackers used voice phishing to trick Google employees into authorizing a malicious Salesforce app disguised as a trusted tool.

✅ Data stolen: Basic business contact info from Google’s SMB clients
✅ No sensitive personal or financial data was exposed
✅ Attack method: Vishing + malicious OAuth app authorization
✅ Detected: June 2025, with quick response to cut off access
✅ Extortion: ShinyHunters demanded Bitcoin, threatening data leaks
✅ Other victims: Cisco, Qantas, Pandora, LVMH, Allianz

This campaign highlights the growing danger of social engineering and OAuth abuse in cloud services. Google has since revoked access, launched forensic reviews, and issued updated security guidance.

#Google #Salesforce #DataBreach #CyberSecurity #ShinyHunters #Hack #SMB #CloudSecurity #OAuth #news

FIND US AT
https://dailysecurityreview.com/

FOLLOW US ON SOCIAL
Get updates or reach out to Get updates on our Social Media Profiles!
Twitter:   / securitydailyr  
Facebook: https://www.facebook.com/profile.php?...
LinkedIn:   / security-daily-review