Google disrupts Chinese-linked hackers that attacked 53 groups globally
Alphabet (US:GOOG) Reuters · 2026-02-25 11:04

Core Insights
- Google has disrupted a Chinese-linked hacking group known as UNC2814, which has breached at least 53 organizations across 42 countries, indicating a significant global cyber threat [1]

Group 1: Hacking Group Operations
- The hacking group, also referred to as "Gallium," has a history of nearly a decade of targeting government organizations and telecommunications companies [1]
- Google and its partners terminated Google Cloud projects controlled by the hacking group and disabled their internet infrastructure [1]
- The group used Google Sheets to evade detection, blending its activity into normal network traffic without compromising any Google products [1]

Group 2: Targeting and Data Theft
- The group had confirmed access to 53 unnamed entities and potential access in at least 22 more countries at the time of disruption [1]
- In one instance, the group installed a backdoor called "GRIDTIDE" on a system containing sensitive personal information, including full names, phone numbers, and national ID numbers [1]
- The targeting efforts align with previous campaigns aimed at exfiltrating call data records and monitoring SMS messages [1]

Group 3: Responses and Reactions
- A spokesperson from the Chinese Embassy stated that cybersecurity is a common challenge and should be addressed through dialogue and cooperation, while rejecting allegations of hacking activities [1]
- Google differentiated this activity from another Chinese hacking campaign known as "Salt Typhoon," which targeted hundreds of U.S. organizations and political figures [1]
