Put a pin in this one

I feel like it’s been forever and a day since we talked about a major data breach on this blog, which is not to say they haven’t been happening, they just haven’t come up.

If ever there was a time to revisit this topic, however, it would be the news of an alleged Google data breach, or lack thereof? Jury’s still out on that one. To be completely clear there were some voice-phishing campaigns perpetrated by hacker collective ShinyHunters in June of this year which managed to export some Salesforce data, which Google confirmed early in August.

What they did not confirm however was that the hackers had managed to breach Gmail, threatening user data. On that account Google has strongly denied the accusations, calling the claims false or inaccurate. “We want to reassure our users that Gmail’s protections are strong and effective.” They wrote in a recent product news posting.

Now, I don’t know about all of you, but if the first thing a major corporation does is reassure me that they haven’t been hacked, I’m going to be strongly concerned that they may have been hacked. Look back at similar major issues occurring with Equifax, Yahoo, or Uber and you have a concerning track record of misinformation and cover-ups. A study by Bitdefender in 2023 found that nearly a third of companies keep their security breaches confidential.

Maybe there’s nothing to any of this and Google has been completely transparent about its security situation. I have been known to wear a tinfoil hat now and again.

However, if you see Google executives selling stock it might be a good idea to change your Gmail password.