Google has issued a strong warning to Gmail users after a well-known hacking group, ShinyHunters, managed to steal sensitive information through a data breach. According to Google’s Threat Intelligence Report, the hackers gained access to data through a corporate Salesforce system, leaving billions of Gmail accounts potentially vulnerable.
The company said around 2.5 billion Gmail users have been urged to reset their passwords and strengthen their account security, Tech Radar reported. While the exposed information included mostly names and business contact details, Google warned that this still increases the chances of phishing scams and extortion attempts.
How the breach happened
As per Tech Radar, the breach took place when ShinyHunters impersonated company staff to trick IT support teams and gain access to Google’s Salesforce instance. Google confirmed that the stolen data was limited to basic and largely public business information, but stressed that the threat should not be underestimated.
In a statement, the company said, “In June, one of Google’s corporate Salesforce instances was impacted by UNC6040 activity. The data retrieved was confined to basic business names and contact details.”
Phishing and extortion risks
Google has emailed affected users to be on the lookout for phishing emails or calls demanding Bitcoin payments. Cyber experts say even harmless information can be used to create social engineering attacks that trick users into sharing sensitive data.
ShinyHunters has a long track record of major cyberattacks. The group was previously linked to breaches involving Santander, AT&T, and Allianz, making it one of the most dangerous hacker groups today.
Google’s report further warns that the hackers may launch a data leak site (DLS) in the near future to put additional pressure on their victims.
What’s next?
Google says it is monitoring ShinyHunters and will update as the situation develops. In the meantime, users should change their passwords, enable two-factor authentication and be cautious of suspicious emails or calls.
FAQs
1. Who is behind the Gmail breach?
ShinyHunters, the hacking group that has hit major global companies, is behind the data breach.
2. What kind of data was exposed?
Mainly names and business contact details, but this data can be misused for phishing and extortion.
3. What to do now?
Reset password, enable two-factor authentication, and be on the lookout for suspicious emails or calls.
