-
Google was targeted by AI-driven cyberattack via Salesforce, using AI-generated phishing calls and emails to trick employees into installing malware
-
Attackers accessed basic business contact data for small and medium customers; Google swiftly responded, cutting access and mitigating impacts
Google has confirmed that it was hit by a cyberattack driven by artificial intelligence (AI), making it the latest major tech company to face such threats.
The attack, linked to the financially motivated group UNC6040, targeted one of Google’s corporate Salesforce instances. Hackers used AI to create convincing emails and phone calls that mimicked trusted sources, tricking employees into installing malware. The method mirrors a recent wave of attacks on Microsoft SharePoint servers worldwide.
Cybersecurity experts warn that AI is rapidly becoming a preferred weapon for criminals. Richard Cassidy, EMEA Chief Information Security Officer at Rubrik, noted that advanced AI tools and growing digitalisation, without matching investment in cyber defences, are fueling the surge.
According to Google, UNC6040 impersonated IT support staff to persuade workers to install malicious connected apps disguised as Salesforce’s Data Loader. This allowed attackers to access systems and steal sensitive information secretly.
Google stated it quickly responded, conducted an impact assessment, and began mitigation efforts. The breach was limited to contact details and notes for small and medium-sized businesses. Most of the stolen data was basic and publicly available, including business names and contact information.
The company assured that access was cut off within a short window, reducing the potential damage. However, the incident highlights growing concerns about AI-enabled cyber threats and the need for stronger organisational resilience.
Discussion about this post