The hacker group ShinyHunters has launched a new website to leak stolen information, using it to blackmail 39 organizations that were attacked recently in Salesforce. They even gave themselves a new brand: "Scattered Lapsus$ Hunters." On their website, they have already posted sample data and told companies to pay or else "we will leak everything if no payment is received by October 10."
The hackers were able to gain access to:
Now, if your company uses Salesforce (and many companies do), you are probably thinking: “Could this happen to us?” The answer is yes - unless everyone is super cautious!
If I worked at one of those companies, I would ensure everyone is educated on the importance of not trusting random phone calls or links because it only take the click of one thing to get written up in the news.
Big Companies Targeted
This is not about small businesses. The victims they are targeting comprise massive companies that we all know:- Google, FedEx, Disney/Hulu, Cisco, Toyota, Marriott
- Home Depot, Gap, McDonald’s, Walgreens, Instacart
- Adidas, Cartier, Chanel, IKEA, Air France, UPS
What Hackers Want
These hackers are not only pressuring their 39 companies, they also have Salesforce in their sights and are outlining the following demands:- Salesforce must pay, or they’ll release 1 billion records they stole from multiple companies.
- If Salesforce pays, they won’t continue to go after its customers.
- If Salesforce does not pay, the hackers will release all the data they stole, as well as provide assistance to outside lawyers in their lawsuits against Salesforce for violating their privacy policy.
How the Attack Worked
So, how does ShinyHunters break in? They used a tactic called voice phishing, and by doing so, they called employees and tricked them into connecting sham apps with their Salesforce account.The hackers were able to gain access to:
- Customer and employee records
- Company databases
- Passwords, AWS keys, and Snowflake tokens
Why Does This Matter
This attack shows a larger idea: even the biggest organizations can come to a halt if only one staff member clicks something incorrect. Hackers are not simply stealing data, they are also pressuring companies for ransom and threats.Now, if your company uses Salesforce (and many companies do), you are probably thinking: “Could this happen to us?” The answer is yes - unless everyone is super cautious!
Final Thoughts
ShinyHunters are currently running a website where they plan to leak the stolen Salesforce data. They are forcing 39 companies to pay. Salesforce is now under extreme pressure.If I worked at one of those companies, I would ensure everyone is educated on the importance of not trusting random phone calls or links because it only take the click of one thing to get written up in the news.
