NewNow you can hear Fox News article!
When a hospital or a non -profit falls on a cyber attack, it is difficult to blame. Cyber security is not their strength, and many people lack budget for a dedicated security team, give it to a Chief Technology Officer alone.
But when a technical giant like Google experiences a data breech, it raises serious questions. Is data safety slipping in the company’s priority list? Or today’s cyber criminals are so advanced that they are struggling to keep Google’s top engineers too?
What happened here: Google has recently confirmed that hackers have stolen customer data by breaking one of their internal databases. Breach targeted a system in which salesfors were used, a popular cloud-based platform companies to manage customer relations, use business contact information and track interactions. The attack has been linked to a known danger group.
Sign up for my free cyber report
Take my best technical tips, immediate safety alerts and exclusive deals directly to your inbox. In addition, you will get immediate access to my final scam survival guide – when you join me Cyberguy.com/newsletter
Dior data breech exposes us the personal information of customers
A Google Sign on the banks of a building (Kurt “Cybergui” Notson)
What you should know about Google Data Brech
Google has confirmed that a hacking group known as shinyhunters steals customer data from one of its internal salesforce databases used to manage business customer relationships. The company revealed the violation in a blog post published in early August, given that stolen data included “basic and large -scale publicly available business information, such as business names and contact details.”
What is Artificial Intelligence (AI)?
The Breach was performed by Shinhoreslers, a famous cyber criminal group formally tracked as UnC6040. The group has recently been associated with a string of high-profile events involving companies such as AT&T, Ticketmaster, Allianz Life and Pendora. In this case, the attackers targeted Google’s corporate salesforce systems, which the company uses to store contact information and notes about small and medium -sized businesses.
According to Google’s Threat Intelligence Group, the attackers trusted voice phishing, or “wisting”, motivated company employees to celebrate IT support and login credentials in phone calls. This technique has proved effective against many organizations in recent months.
A man using Google Search Engine on his laptop (Kurt “Cybergui” Notson)
No company is safe from cyber attack
Google did not specify how many customers were affected by breech. Asked for the comment, a company spokesperson pointed to cyberguji back to the blog post and refused to expand. It is also not clear whether Google has received any type of ransom from the group.
Cisco, Qantas and Pendora have reported all similar violations in recent months, which are now part of a comprehensive campaign targeting cloud-based customer relationship management equipment.
In his blog post, Google warned that Shinyhunters could create a public leakage site. The ransomware gangs often use this strategy to evacuate companies, which threaten to publish stolen data. The group allegedly shares infrastructure and personnel with other cyber criminal collectives, including com, which runs forcibly recovery operations and in some cases, releases the threats of physical violence.
Google Search Engine (Kurt “Cybergui” Notson)
9 ways to be safe from voice phishing and social engineering attack
While organizations such as Google can be the major goals, individuals are often the weakest links that exploit the attackers. But with some smart practices, you can dramatically reduce your risk.
1. Never share login credentials on phone
Google breech occurred because the employees gave sensitive information on the phone call. Any valid IT team will ask you to share your password or 2FA code on the phone anytime. If someone does, it is a major red flag.
2. Always verify who is calling
If someone claims to be from your company’s IT department or service provider, hang and call back using the official number. Never rely on the number displayed on the caller ID.
3. Enable two-factor authentication (2fa)
Even if credentials are compromised, two-factor authentication (2FA) can block unauthorized access by adding an additional layer of security. This ensures that a password alone is not enough to break into your accounts.
Get Fox Business when you click here
4. Beware of fishing links also
Fishing emails and messages often include links that take you to fake websites designed to steal your login credentials or personal information. These messages usually create a sense of urgency, ask you to verify the account, reset password or claim reward. Instead of clicking on the link, take a moment to inspect the message.
The best way to protect yourself from malicious links is to install antivirus software on all your devices. This security can also make you alert for email and ransomware scams, keeping your personal information and digital assets safe.
Get my pics for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices Cyberguy.com/Lockupyourtch
5. Use data removal service
Attackers are able to meet fishing, smoching and wishing attacks as your personal data is easily available online. The less publicly accessible it is, the more difficult it is that it is ready to assure the scams for them.
While no service promises to remove all your data from the Internet, if you want to continuously monitor and automate the process of removing your information from hundreds of sites continuously over a long period, a removal service is very good.
See my top pics for data removal services and get a free scan to find out if your personal information is already on the web Cyberguy.com/Delete
Get a free scan to know if your personal information is already on the web: Cyberguy.com/freescan
6. Keep your software and browsers up to date
The attackers often exploit old software with known weaknesses. Ensure that your operating system, browser, plugins and apps are always running the latest versions. Enable auto updates wherever possible, to avoid missing important patches.
7. Use a password manager with fishing detection
A good password manager does not store just strong, unique password; If you are on a suspicious site it can also alert you. If your password manager refuses to autofil your login, it may mean that the site is fake.
Check the best expert-review password managers of 2025 Cyberguy.com/passwords
8. Monitor your accounts for abnormal activity
If you suspect a violation, look at your accounts for unauthorized login, password reset email or other suspicious behavior. Set the alert when possible. Many online services provide login information or dashboard that show recent access history.
9. Report fishing efforts
If you receive a wishing or fishing effort, report it to your organization’s IT/security team or appropriate government agency (such as reportfrede. FISOV). Reporting helps to close these scams faster and can protect others.
Click here to get Fox News app
Kurt’s key to Techway
While the data exposed in the case of Google may be limited, the brech highlights the constant vulnerability in the corporate system: people. Shinoors are becoming more effective in taking advantage of that weakness. Is there even more about the rise of Vishing, also known as Voice Fishing. Vishing is not new, but its growing success suggests how delicate the well -defined systems can be even when involved in human error.
How confident are you in your company’s cyber security awareness training? Write us and tell us Cyberguy.com/Contact
Sign up for my free cyber report
Take my best technical tips, immediate safety alerts and exclusive deals directly to your inbox. In addition, you will get immediate access to my final scam survival guide – when you join me Cyberguy.com/newsletter
Copyright 2025 cyberguy.com. All rights reserved.
