August 30, Saturday:
Over 2.5 billion Gmail users globally have been advised to be careful after a cyberattack is traced to Salesforce's cloud platform. Google sent an urgent warning requesting users to change their passwords and implement additional security measures after finding hackers using stolen information in phishing attacks, as per a report by The Economic Times.
Salesforce data breach exposes Gmail users to vulnerabilities
Google clarified that its own infrastructure is not compromised, but a break into Salesforce's cloud database has put individuals and organizations out in the open for cybercriminals to target. ShinyHunters affiliate hackers have allegedly used the compromised data to run malicious attacks, such as spoofed sign-in pages and social engineering attacks. Google's Threat Analysis Group (TAG) reported that these attacks usually trick victims into divulging their login details or two-factor codes.
The Economic Times report underscored that Google officially informed victims on August 8, cautioning that the swiped information, while initially rudimentary, has now been "weaponised" to increase threats.
What users of Gmail should do now
To assist users in protecting their accounts, Google has advised various precautionary measures:
• Update Gmail passwords regularly.
• Activating two factor authentication for added protection.
• Caution against suspicious mails, especially those claiming to be from Google.
• Checking accounts regularly for abnormal use.
Although Google said that the majority of its users already have strong passwords but they don't regularly change or update them, making the accounts more vulnerable to being hacked. By pairing strong credentials with regular changes and multi factor authentication, Gmail users can significantly limit their exposure to attacks and stay safe.
The ShinyHunters group who are active since 2020, has in the past been tied to breaches of AT&T, Microsoft, and Ticketmaster and it has been raising concerns over the future threats.
