Google & Salesforce Just Got Hit by a Cyberattack

Last Updated:Tuesday, August 19, 2025

This week on Funnel Frontier: Hackers breached Google’s Salesforce data with just a phone call and a fake Data Loader.

Funnel Frontier newsletter mascot

This week:

  • Pega just cracked self-service with bots that actually work
  • Salesforce keeps buying brains to make Agentforce smarter

 

Stat of the Week

34% of businesses using generative AI report exceptional customer service compared to those that don’t. (CRM.org)

 

A hacker, a fake app, and 2.5M records later

A screenshot of an email sent by Google warning of the Salesforce breach

If you thought cyberattacks in 2025 would look like sci-fi… we’re not quite there yet. This one involved a phone call and a fake app.

Google just confirmed a breach that exposed 2.5 million business records, and the attackers didn’t even need to write code. They just impersonated IT and got someone to install a weaponized version of Salesforce Data Loader.

Yup. The hack didn’t exploit some zero-day API vulnerability or bust through OAuth firewalls. It exploited… human trust.

Here’s what actually went down, and why it’s a cautionary tale for any business that stores data in Salesforce (aka all of them).

Voice phishing meets Salesforce Data Loader

The attackers, believed to be the ransomware crew ShinyHunters, used vishing to trick admins into downloading a fake tool disguised as “My Ticket Portal.”

Under the hood? A trojanized version of Salesforce Data Loader, a legit desktop tool that can mass-update, delete, or export CRM records.

They spoofed the UI. Recycled OAuth credentials. Slipped past consent screens. Then, they exfiltrated 2.55 million records before anyone noticed.

The data sat in a Salesforce-run Google database housing SMB contact info, AKA a goldmine for scammers. Google Threat Intelligence Group (GTIG) says it was “mostly public business info.” ShinyHunters says: we’ll see about that.

This wasn’t a Salesforce bug. It was a human one.

Let’s be clear: Salesforce’s tech wasn’t the problem. As Anshul Verma, President of Cynoteck Technology Solutions, put it in his LinkedIn post, this was a “human-centric breach,” a scam that worked because someone got tricked, not because the software failed.

But if your team doesn’t know where tools should be downloaded from, or can’t sniff out a fake interface, that’s an open door waiting to be walked through.

And once that door leads to something as powerful as Data Loader? You’re basically handing hackers the keys to your CRM kingdom.

Learning a lesson, the hard way

Every business wants to move faster, automate more, agentify everything. But with every new plug-in, vendor, and agent, you’re expanding your attack surface.

This wasn’t some janky third-party tool. This was Google using Salesforce, two of the most powerful tech stacks on earth. And they still got hit.

In the AI era, it’s not if you’ll get targeted. It’s how ready you’ll be when it happens.

So:

Don’t download CRM tools from random links. Lock down OAuth. Train your team. And make sure your incident response plan isn’t a dusty PDF in SharePoint.

If hackers can walk through Google’s front door with a fake app and a friendly voice, what’s stopping them from walking into yours?

 

The Week @ CRM.org

All Things CRM Explained. From what CRM actually means to how it powers sales, service, and marketing. We’re breaking it all down, minus the fluff.

10 Best Sales CRMs for 2025. Selling is part art, part science, and part automation. We’ve found the top CRMs that take the guesswork out of closing deals.

Weekly Bloom

Why Emotional Intelligence Still Beats IQ at Work. Hard skills get you hired. Emotional intelligence keeps your team from mutiny.

 

Zoom Virtual Agent can now answer your calls & book appointments

Remember when Zoom was just that video app your cousin used to host game night? Yeah, well now it’s got an AI receptionist who doesn’t sleep, doesn’t transfer you five times, and knows exactly who you need to talk to.

Zoom Virtual Agent (ZVA) is now hooked into Zoom Phone. It can answer calls, handle basic conversations, and route people to the right place, without making them bounce around a call center.

Who actually needs this?

Not everyone has a call center. ZVA is made for teams with scattered staff, low support bandwidth, and no time for voicemail tag.

  • Healthcare: One number routes patients to the right clinic automatically.
  • Education: Routes student calls across medical, housing, and IT support.
  • Enterprise: Even big teams win—ZVA collects context so agents aren’t starting cold.

And since it’s all Zoom, you get UCaaS, CCaaS, and AI on one platform—no duct tape required.

Your new front desk doesn’t take PTO

Besides picking up the phone, ZVA is also great at:

  • Booking appointments
  • Providing order updates
  • Collecting caller info and context
  • Translating customer intent into actual workflows

It's like an IVR that went to finishing school and then got a GPT-5 brain implant.

Zoom says setup takes minutes (no-code), supports six major languages, and yes—they’re planning to add more.

RingCentral did it first. Zoom just made it louder.

Sure, RingCentral launched its AIR (AI Receptionist) earlier this year. And 1,000+ businesses jumped on it. But Zoom’s been quietly planting ZVA into contact centers for a while. This move just extends it.

The play? Zoom wants to own the full experience—from first ring to resolution—all under one roof.

And unlike most vendors, they’re not using AI just to summarize meetings and fix your grammar.

They’re building agents that do stuff.

Also in the Zoom-verse...

While they were at it, Zoom also:

  • Became one of the first to integrate GPT-5 into their AI stack
  • Launched AI Companion auto-scheduling (bye-bye calendar ping-pong)
  • Added a new Zoom Hub to surface files and meeting assets on command
  • Upgraded Team Chat with message drafting and file summarization

In short: Zoom isn’t just tacking on AI features. It’s trying to be the AI-first comms platform.

And ZVA on Zoom Phone is one more step in that direction—turning the humble business call into an AI-powered concierge experience.

Whether your customer is booking a haircut or reporting a power outage, this bot’s picking up.

 

Galactic Gourmet

CRM blips from around the web

NiCE and Salesforce Deepen Partnership. NICE is bringing CXone Mpower’s AI orchestration into Service Cloud. The integration promises seamless agent handoffs, zero-copy data sharing, and smarter service workflows across voice, chat, and CRM.

Microsoft to Scrap All Enterprise Discounts on Online Services. Starting Nov. 1, 2025, Microsoft will end volume licensing discounts for all online services, potentially spiking costs for large organizations by 20–30%. Enterprises are urged to lock in deals now.

AWS and Microsoft Abandon Voice Biometrics Amid Deepfake Risks. AWS, Microsoft, and Google are backing away from voice authentication as deepfake threats and spoofing vulnerabilities mount, making voice biometrics too risky for large-scale use.

 

If you'd like weekly CRM news like this delivered to your inbox, subscribe to Funnel Frontier!