Google, In Salesforce based systems Following the data violation 2.5 billion Gmail and Google Cloud He sent a warning to change their passwords. The company stated that the customer data is not affected directly, while the attackers turned the incident into an opportunity and increased identity hunt attacks.
The violation was limited to Google’s corporate Salesforce database. However, it was seen that the information released was used for the fake entry screens of the attackers and the methods of fishing. Google stressed that user data is safe However, security risks have grown indirectly. This led to fake emails to look much more convincing. In addition, it was revealed by reports that attackers focused on social engineering methods. In spite of everything, the company has included users in the process with rapid information.
Google has explained its security suggestions extensively. Renewing their passwords from users and Two -Stage Verification (2FA) They were asked to add. Besides, the new generation Passkey It was announced that the method is a safer entry option. The company also updates users’ recovery information and device entries Google Security Checkup He suggested them to control them. However, it was emphasized that only the change of password would not be sufficient and the additional security layers became compulsory. In addition, it was reminded that it should be cautious against unexpected telephone calls or verification requests.
Google wants users to change their safety habits after data violation
A well -known group in the background of the violation Shinyhunters is. Previously, this group, which has been on the agenda with attacks on companies such as Ticket, AT&T and Allianz, uses deficits in different systems for identity hunting methods. According to Google’s statements, the attack did not directly affect Gmail accounts, but the attackers began to send more convincing e-mails, taking advantage of the seized data. These e-mails include fake entry links and user information is collected in this way. Despite this, Google stressed that Gmail accounts have not been seized. On the other hand, security experts reported that such attacks could spread rapidly and raise risks on a global scale.
Google, as well as renewal of the password, as well as additional security programs drew attention. Advanced Protection Program Within the scope, more powerful verification methods can be commissioned. This program is especially recommended for journalists, politicians and users of high -risk users. In addition, the company launched additional audits in security centers. In order to raise awareness of the users against attacks, collective e-mails and blog posts and warnings were made. In this process, inspections were increased for the closure of weaknesses in third -party systems. Thus, the effects of the attack were tried to be limited.
Shortly after Google’s warning, the company announced the Shinyhunters group’s initiatives for Salesforce -based systems. This statement was the first step of the security process. Later, the company made e-mail references to inform users directly. Group, before Pizza hut And it was also linked to data leaks in different global brands. For this reason, the structure behind the event has similar characteristics with past attacks. Google, simultaneous security operation centers strengthened teams in charge. However, after the violation, third -party business partners also frequently filed security inspections. All these steps were implemented to limit the effects of the incident.
Google asked Gmail users to quickly apply security measures. The company reiterated that care should be careful against suspicious e-mails and connections. The accounts of those who do not update the password may become more open to attacks. Users should follow the entry movements regularly and use security tools. Thus, it was aimed to protect both personal data and Gmail accounts used for business purposes.