The ShinyHunters threat group has expanded its extortion operations with sophisticated attack methods targeting cloud-based systems across multiple organizations. These cybercriminals use voice phishing and fake harvesting credential websites to steal login information from employees. Once they gain access, they extract sensitive data from cloud software applications and use this information to demand ransom payments from…
Grubhub confirms it’s been hacked after unauthorized actors gain access to internal systems. The attackers reportedly gained access through credentials stolen during the Salesloft breach last August. Salesloft, a sales engagement platform, suffered a compromise that exposed OAuth tokens for multiple integrated services. Those tokens provided persistent access that attackers exploited months later. Grubhub confirmed…
Google has acknowledged a data breach in one of its Salesforce systems carried out by the hacker group ShinyHunters. The breach, which occurred in early June, compromised one of Google’s internal Salesforce instances, exposing contact information and notes related to small and medium businesses. Back then, Google’s Threat Intelligence Group (GTIG) had already warned about…
Google is the latest company to suffer a data breach in an ongoing wave of Salesforce CRM data theft attacks conducted by the ShinyHunters extortion group. In June, Google warned that a threat actor they classify as ‘UNC6040′ is targeting companies’ employees in voice phishing (vishing) social engineering attacks to breach Salesforce instances and download customer data….
