Symbols

Google Confirms Customer Data Theft by ShinyHunters from Salesforce Database

Generated by AI AgentTicker Buzz

Wednesday, Aug 6, 2025 9:02 am ET1min read

Aime Summary

- Google confirmed ShinyHunters (UNC6040) stole customer data from its Salesforce database, targeting SME contact information.

- Attackers used voice phishing to access systems, with stolen data limited to publicly available commercial records.

- ShinyHunters, linked to cybercrime groups like "The Com," may prepare data leak sites for ransom demands.

- Incident highlights persistent cyber threats, urging companies to strengthen cloud security and employee training.

Google has confirmed that a recent breach of its

Salesforce

database resulted in the theft of customer information. The company's threat intelligence team disclosed in a blog post that the attack was carried out by a hacker group known as "ShinyHunters," also referred to by the formal designation UNC6040. This group targeted a Salesforce database system used to store contact information and related records of small and medium-sized enterprises.

The compromised data is reported to be limited to basic and mostly publicly available commercial information, such as company names and contact details. Google has not disclosed the number of affected customers, and a company spokesperson did not immediately respond to requests for comment. It is also unclear whether the company has received any demands, such as ransom requests.

ShinyHunters is notorious for targeting large corporations and their cloud databases. This incident is part of a series of breaches targeting Salesforce cloud systems. Recently, companies such as

Cisco

, the airline giant Qantas, and the retail giant Pandora have also had customer data stolen. According to Google's blog post, ShinyHunters used voice phishing techniques to trick company employees into granting them access to the cloud-based Salesforce database.

Google has indicated that ShinyHunters may be preparing a data leak site, which some ransomware groups use to publish stolen data and pressure corporate victims into paying ransoms. The group is reportedly linked to other criminal organizations, including "The Com," a well-known cybercrime syndicate that uses hacking, ransomware, and sometimes violent threats to infiltrate networks.

This breach underscores the persistent threat of cyber-attacks and the critical need for robust data protection measures. Companies must remain vigilant and proactive in safeguarding customer data to maintain trust and avoid potential legal and financial repercussions. The incident serves as a reminder of the importance of continuous monitoring and improvement of cybersecurity protocols to protect against evolving threats.

Ticker Buzz

Stay ahead with the latest US stock market happenings.

Latest Articles

AMD Strikes Back: Lands Oracle AI Chip Deal to Challenge Nvidia Dominance

Oct.14 2025

Foxconn and NVIDIA Pioneering 800-Volt Power Revolution in AI Data Centers

Oct.13 2025

OpenAI and Broadcom Join Forces to Power AI Revolution with 10GW Custom Chips

Oct.13 2025

AI Gold Rush or Bubble? OpenAI's Strategic Dance with Nvidia and AMD Sparks Wall Street Debate

Oct.11 2025

Apple's Strategic Play: Acquires Prompt AI to Elevate Home Automation and Visual Recognition

Oct.11 2025

Comments

﻿

Add a public comment...

No comments yet

Ainvest News articles are AI-generated using advanced large language model (LLM) technology designed to analyze and synthesize publicly available data and news. While AI tools assist in producing initial drafts and insights, all AI generated content published on Ainvest is subject to comprehensive human editorial review before publication. A designated human editor reviews, verifies, and approves each article for factual accuracy, coherence, and compliance with AInvest Fintech Inc’s editorial and disclosure standards. Despite these review procedures, the information provided may still contain inaccuracies, incomplete data, or time sensitive references due to the inherent limitations of AI generated analysis and evolving changes. The material is provided strictly for informational and educational purposes and does not constitute personalized investment, legal, or financial advice. Readers should independently verify all facts, figures, and statements before making any decision based on this content. AInvest Fintech Inc. its affiliates, and partners accept no liability or responsibility for any direct or consequential losses arising from reliance on this content. All articles and analyses are subject to revision, update, or removal without prior notice to maintain accuracy and integrity in our publications.