Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of potential Google Ads customers.
"We're writing to let you know about an event that affected a limited set of data in one of Google's corporate Salesforce instances used to communicate with prospective Ads customers," reads a data breach notification shared with BleepingComputer.
"Our records indicate basic business contact information and related notes were impacted by this event."
Google says the exposed information includes business names, phone numbers, and "related notes" for a Google sales agent to contact them again.
The company says that payment information was not exposed and that there is no impact on Ads data in Google Ads Account, Merchant Center, Google Analytics, and other Ads products.
The breach was conducted by threat actors known as ShinyHunters, who have been behind an ongoing wave of data theft attacks targeting Salesforce customers.
While Google has not shared how many individuals were impacted, ShinyHunters says the stolen information contains approximately 2.55 million data records. It is unclear if there are duplicates within these records.
ShinyHunters further told BleepingComputer that they are also working with threat actors associated with "Scattered Spider, who are responsible for first gaining initial access to targeted systems.
"Like we have said repeatedly already, ShinyHunters and Scattered Spider are one and the same," ShinyHunters told BleepingComputer.
"They provide us with initial access and we conduct the dump and exfiltration of the Salesforce CRM instances. Just like we did with Snowflake."
... continue reading