Google Acknowledges Major Security Breach as ShinyHunters Hackers Steal Sensitive Corporate Data and Business Contacts in Coordinated Cyberattack

In today’s digital landscape, cyberattacks are on the rise, with hackers continuously finding new vulnerabilities that allow them to access sensitive information. This surge in attacks has fostered a growing mistrust among businesses and consumers alike. While Google has been in the spotlight for its market dominance and ongoing legal challenges, recent events have shifted the focus to a significant cybersecurity incident. The tech behemoth has recently reported a data breach associated with the ShinyHunters ransomware group, notorious for targeting corporate networks.

Google’s Data Breach: What Was Stolen and Its Implications

In a confirmation shared by Google, a targeted cyberattack occurred in June 2025, which exposed flaws in its system and permitted unauthorized access to its corporate Salesforce databases. The attack was executed by the infamous ShinyHunters group, also referred to as UNC6040. Fortunately, the breach’s impact was contained; core systems and confidential consumer data remained unaffected. However, this incident has unveiled a critical vulnerability in Google’s supply chain security.

The Google Threat Intelligence Group (GTIG) has reported that hackers employed a voice phishing strategy, masquerading as internal IT personnel to manipulate employees into installing a compromised version of Salesforce’s Data Loader. This tactic enabled them to infiltrate the database before detection. The compromised data predominantly included business contact details and related client information, with no payment information or personal data reported stolen.

Despite ShinyHunters’ previous history of making ransom demands in similar breaches, Google did not indicate any such actions in this case. This lack of ransom demand does not lessen the significance of the breach, as cybersecurity experts warn that the frequency of these attacks is increasing, affecting more organizations each month. What is particularly concerning is the fact that Google’s own security team had been tracking ShinyHunters’ cyber activity yet still could not thwart this successful intrusion.

While it might seem that the breach poses limited risks since no sensitive consumer data was affected, it raises alarms about potential future phishing attacks utilizing the stolen business contact information. Thus, this incident serves as a critical reminder: even major tech companies like Google, equipped with advanced security measures, are not impervious to cyber threats.

Source & Images