Cyberattacks are becoming increasingly common, with hackers finding vulnerabilities and often gaining access to sensitive information, resulting in mistrust among the community. While Google has been controversial for a while over its monopoly in the search market and has been facing many legal troubles as a result, this is not why the company is making the headlines these days. The tech giant has recently confirmed a data breach linked to the ShinyHunters ransomware group, which targeted Google's corporate Salesforce database systems containing business contact information. While some reports have painted the hack as massive, the company has shared details on the scope and nature of the stolen data.
Google confirms data breach by hackers - here is what was stolen and what it means
Google has confirmed a targeted cyberattack that exposed vulnerabilities in its system and allowed access to its corporate Salesforce databases in June 2025, carried out by the notorious ShinyHunters group, also designated as UNC6040. While the breach's extent was limited and did not impact the company's core systems or sensitive consumer data, it did, however, highlight a weak link in the tech giant's supply chain security.
As per Google's Threat Intelligence Group (GTIG), the hackers used a voice phishing technique that involved calling employees while pretending to be members of the internal IT team, in order to have them install an altered version of Salesforce's Data Loader. By using this technique, the attackers were able to access the database before their intrusion was detected. The accessed data included business contact information and details related to clients. The breach did not involve any compromised payment details or personal information.
Although ShinyHunters are known for making ransom demands in past cases, Google did not mention any such attempts. Nonetheless, cybersecurity experts have warned that these types of attacks are accelerating, with more organizations falling victim every month. One aspect that is quite striking is how the tech giant's own security researchers had been keeping tabs on ShinyHunters’ cyberattacks and were still not able to prevent the exploitation.
While the breach may seem trivial given that it did not involve personal or sensitive information, and no consumer information was compromised, it still poses a threat, especially considering how these business contact details can be used as a weapon for future phishing attacks. In the end, the breach is not mainly about the content of the compromised data but about how it was accessed - a stark reminder that even tech giants like Google, despite being prepared against such exploitations, can still fall prey to it.
Follow Wccftech on Google to get more of our news coverage in your feeds.
