The Directorate General of Information Systems Security in Morocco, through the Cybersecurity Monitoring and Response Center (maCERT), has reported significant security breaches targeting the data of Google account users.
The statement clarified that a group of hackers known as ShinyHunters or UNC6040 managed to breach Google’s internal database through Salesforce, stealing information pertaining to hundreds of millions of accounts.
The source confirmed that the stolen data includes general information such as usernames, companies, and phone numbers, while passwords remain secure. Nonetheless, this information can be exploited in focused phishing attacks targeting users.
The announcement indicated that some Gmail users have received phishing messages or calls from individuals claiming to be Google employees, alleging that a security breach has occurred in their accounts, posing a direct threat to their digital security.
maCERT urged all users to heighten their vigilance, monitor any notifications related to their accounts, and enable two-factor authentication (2FA) to ensure the protection of their personal data from hacking and phishing attempts.
