Google acknowledged a security incident targeting its corporate systems during June 2025. The ShinyHunters ransomware collective, also known as UNC6040, executed the attack against the technology company's infrastructure. Hackers employed voice phishing tactics by impersonating internal IT staff members through telephone calls to employees. The criminals convinced workers to install a modified version of Salesforce's Data Loader application.
The breach allowed unauthorized access to corporate Salesforce databases containing business contact information and client details. Google's Threat Intelligence Group confirmed that personal information, payment data, and consumer records remained secure throughout the incident. The attack demonstrates persistent vulnerabilities within corporate supply chains despite advanced security measures. Cybersecurity specialists warn that similar attacks against major organizations continue to increase monthly. The compromised business contacts present future risks for additional phishing campaigns targeting affected parties.
The breach allowed unauthorized access to corporate Salesforce databases containing business contact information and client details. Google's Threat Intelligence Group confirmed that personal information, payment data, and consumer records remained secure throughout the incident. The attack demonstrates persistent vulnerabilities within corporate supply chains despite advanced security measures. Cybersecurity specialists warn that similar attacks against major organizations continue to increase monthly. The compromised business contacts present future risks for additional phishing campaigns targeting affected parties.
