Google confirms data breach after cyberattack on Salesforce database: What's leaked
Posted on: Aug 07, 2025 18:03 IST | Posted by: Livemint
Google has confirmed that ace of its Salesforce systems used for storing little and spiritualist business concern middleman data was briefly compromised by a cybercriminal group known as UNC6040, which uses voice phishing or “vishing”, to trick employees into handing over access to sensitive tools.
Hackers impersonated IT support staff
The attackers used a social engineering technique where they impersonated IT support staff during phone calls, convincing employees to authorise malicious software connected to their Salesforce environment. This allowed the group to access and extract basic business contact details, most of which, Google says, were already publicly available, before the breach was detected and stopped.
Notably, the group behind the attack, UNC6040, is known for targeting Salesforce platforms by abusing tools like the “Data Loader” app, a legitimate application that allows bulk data handling. In many cases, the hackers use fake versions of this app with misleading names, such as “My Ticket Portal,” to avoid detection during the phishing calls.
In an evolving trend, the group has shifted from using official Salesforce tools to custom-made Python scripts for data theft, making it harder to trace their activity. They also reportedly use VPNs and the dark web network TOR to hide their identity and location.
Possible public data leak site in the works
Another linked group, UNC6240, has followed up on these data thefts with extortion attempts, often contacting company employees by email or phone, demanding bitcoin payments within 72 hours. These messages claim to be from the hacking group “ShinyHunters,” a name familiar in the cybercrime world.
Google’s threat intelligence unit believes the extortion group may soon launch a website to publicly leak stolen data, a common pressure tactic among cybercriminals.
The broader concern is that these attacks do not exploit flaws in Salesforce itself but rather human error, tricking employees into allowing access through seemingly routine IT support calls. Companies are being urged to tighten access controls, restrict permissions to sensitive tools, limit app installations, and train staff to recognise social engineering scams.
Global News Perspectives
In today's interconnected world, staying informed about global events is more important than ever. ZisNews provides news coverage from multiple countries, allowing you to compare how different regions report on the same stories. This unique approach helps you gain a broader and more balanced understanding of international affairs. Whether it's politics, business, technology, or cultural trends, ZisNews ensures that you get a well-rounded perspective rather than a one-sided view. Expand your knowledge and see how global narratives unfold from different angles.
Customizable News Feed
At ZisNews, we understand that not every news story interests everyone. That's why we offer a customizable news feed, allowing you to control what you see. By adding keywords, you can filter out unwanted news, blocking articles that contain specific words in their titles or descriptions. This feature enables you to create a personalized experience where you only receive content that aligns with your interests. Register today to take full advantage of this functionality and enjoy a distraction-free news feed.
Like or Comment on News
Stay engaged with the news by interacting with stories that matter to you. Like or dislike articles based on your opinion, and share your thoughts in the comments section. Join discussions, see what others are saying, and be a part of an informed community that values meaningful conversations.
Download the Android App
For a seamless news experience, download the ZisNews Android app. Get instant notifications based on your selected categories and stay updated on breaking news. The app also allows you to block unwanted news, ensuring that you only receive content that aligns with your preferences. Stay connected anytime, anywhere.
Diverse News Categories
With ZisNews, you can explore a wide range of topics, ensuring that you never miss important developments. From Technology and Science to Sports, Politics, and Entertainment, we bring you the latest updates from the world's most trusted sources. Whether you are interested in groundbreaking scientific discoveries, tech innovations, or major sports events, our platform keeps you updated in real-time. Our carefully curated news selection helps you stay ahead, providing accurate and relevant stories tailored to diverse interests.
No comments yet.