The Google Threat Intelligence Group has officially confirmed that user data has been stolen following a successful hack attack impacting one of its databases. Here’s what we know so far.
Google Has Been Hacked — Data Has Been Compromised
This is not a warning that the Google Chrome web browser is in need of an urgent security update, or a story about switching from passwords to passkeys to protect your Google account. No, this is exactly what the headline says: Google has been hacked.
Source? That would be Google itself.
An August 5 posting by the Google Threat Intelligence Group has confirmed that one of the corporate databases was impacted by hackers thought to be associated with the ShinyHunters ransomware group, more formally known as UNC6040.
“Google responded to the activity, performed an impact analysis and began mitigations,” the GTIG posting stated, adding the database in question was a Salesforce instance “used to store contact information and related notes for small and medium businesses.”
Customer data was, Google said, “retrieved by the threat actor,” in the short period of time that the attack window remained open. Although Google has not gone into great detail regarding the attack as of yet, it did confirm that the stolen data consisted of “basic and largely publicly available business information, such as business names and contact details.”
I have reached out to Google for a statement.
Google has stated that ShinyHunters commonly uses an attack tactic of extorting victims using emails or telephone calls demanding bitcoin ransom payments within 72 hours of compromise. It has not, however, confirmed or denied that this was the case here. Google did confirm that the attack itself occurred in June.
“The news that Google has suffered a data breach in the recent wave of attacks executed by ShinyHunters highlights that no organisation is immune to cybercrime,” William Wright, CEO of Closed Door Security, said, adding: “It doesn’t matter if you are a small business or one of the world’s leading technology firms, all organiZations are vulnerable.”
This is a developing story, and I will update it if more information from Google is forthcoming.