"Google did not cite any specific security issues that may have fueled the rumors. But the company is likely referring to a recent breach that affected its cloud-based Salesforce databases. Allegedly orchestrated by the cybercriminal group ShinyHunters, the incident reportedly compromised customer and company names, triggering phishing and vishing (voice phishing) attacks. In response, reports claimed that Google advised 2.5 billion Gmail users to update their passwords."
"Though there was no such advisory, there are kernels of truth here. Attackers have been targeting valuable Salesforce data stored in Google's cloud. On August 26, the Google Threat Intelligence Group issued a warning about a hacker who compromised OAuth security tokens related to Salesloft Drift, an AI-based chatbot that Salesforce has integrated into its system. The phishing and vishing attacks staged by hackers are also a real and persistent threat."
Google denied issuing a broad warning about a major Gmail security breach. The denial likely refers to a breach affecting cloud-based Salesforce databases hosted on Google Cloud. The incident was allegedly orchestrated by the cybercriminal group ShinyHunters and reportedly exposed customer and company names, which led to phishing and vishing attacks. Reports wrongly claimed Google advised 2.5 billion Gmail users to change passwords. On August 26, the Google Threat Intelligence Group warned of a hacker who compromised OAuth security tokens related to Salesloft Drift, an AI chatbot integrated with Salesforce. Phishing and vishing remain real, persistent threats that exploit exposed data and tokens.
Read at ZDNET
Unable to calculate read time
Collection
[
|
...
]