What’s new: Google has confirmed a data breach involving one of its Salesforce CRM instances, which exposed basic business contact information of potential Google Ads customers. The breach was conducted by the threat actor group ShinyHunters, who have been targeting Salesforce customers. Exposed data includes business names, phone numbers, and related notes, but no payment information was compromised. Approximately 2.55 million records may have been affected.
Who’s affected
Potential Google Ads customers whose basic business contact information was stored in the compromised Salesforce instance may be affected. The exact number of individuals impacted has not been disclosed.
What to do
- Review and monitor any communications from Google regarding the breach.
- Ensure that all Salesforce accounts are secured with strong, unique passwords and enable multi-factor authentication.
- Be vigilant for phishing attempts or social engineering attacks that may arise following the breach.
