On August 5th (Tuesday), Google came out and confirmed that hackers stole customer information during June 2025. The hacking collective ShinyHunters pulled this off by breaking into one of its third-party databases.
In addition, the company's Threat Intelligence Group stated that a Salesforce database system was compromised. This system was mostly set up to hold contact details and notes for small and medium-sized businesses.
According to Google, the stolen data was made up of basic and largely public business information. For instance, it included things like business names and contact details. At first glance, the scope of the data seems contained.
Even so, the fact that a major company like Google was breached brings up serious questions about the safety of cloud-based customer management systems.
What This Breach Means for Businesses
Unfortunately, this incident is just the latest in a series of big breaches that have gone after Salesforce cloud systems. In fact, other large companies like Cisco, Qantas, and Pandora recently had similar thefts of customer data.
This shows a widespread weakness. For businesses that have to count on these platforms, this trend is alarming. It suggests that just trusting a large service company is not enough to guarantee data safety.
Furthermore, the possible fallout is serious. Based on Google's own intelligence, the ShinyHunters group may be getting ready to put up a data leak site. Attacker gangs often use these sites to publish stolen data. They do this to push their victims into paying a ransom. Ultimately, this adds public shame and brand damage on top of the financial threat.
Who are ShinyHunters?
ShinyHunters is a hacking collective. They are known for going after large companies and their cloud-based databases. Their main attack method uses clever social engineering, just as Google spelled out in its blog post.
Attack Method Used By ShinyHunters:
- Voice Phishing: To begin with, the group uses voice phishing, or vishing, to fool company employees.
- Gaining Access: After that, their goal is to trick staff into letting them into the company's cloud-based Salesforce databases.
What's more, the group may be linked up with other cybercriminal collectives like The Com.
The Com is known for using hacking, extortion, and sometimes even threats of violence to get what it wants. This suggests ShinyHunters could be part of a larger and more aggressive network.
As of now, Google has not said how many customers were affected. The company also has not commented on receiving any messages from the attackers, like a ransom demand. As a result, this event points to a worrying pattern of cyberattacks on cloud systems.
How to Prevent Cloud Database Breaches Done By Voice Phishing?
The breach at Google came about because employees were tricked. So to avoid this it’s always essential to educate both users and employees about phishing.
This just goes to show that even strong technical defenses can be gotten around by taking advantage of human trust. No system is ever completely safe.
With software like Infisign, you can set up a system where user identities are decentralized.
- Users are also protected with advanced passwordless authentication. This way of doing things nearly wipes out the risk from phishing and vishing attacks, since there are no passwords to be stolen or given away by accident.
- In addition, putting a privileged access management (PAM) system in place makes sure that only a few highly authorized people can get to the most sensitive information. This ends up creating multiple layers of security.
Ready to look after your cloud data? Get in touch with the team at Infisign for a free trial.
