ShinyHunters hackers are ransoming 1 billion Salesforce records

Does your company use SalesForce? A group of hackers may well steal your data. Or, at least, they want you to think so.

On Friday, cybersecurity researchers found a website in a dark web, which is trying to extort the victims of a large violation of SalesForce data. In accordance with TechcrunchFirst of all, they reported this story, hackers argue that in recent weeks about one billion records of customers from companies that use SalesForce have been stolen.

The data include the records of the own customers of each company, which are stored in cloud databases managed by Salesforce, a company known for its cloud business software.

Hackers list numerous companies that, according to them, have become victims of this violation, including Fedex, Toyota and Disney Hulu. Some companies, Such as Google and Credit Report Company Transunion, there is confirmed that their data was recently stolen In violation of Salesforce; Nevertheless, they do not appear on the web site Ransom, for unknown reasons.

The speed of light of waving

Hackers standing behind the website previously proceeded under names such as Scatted Spider, Shinyhunters and Lapsus $. A dark website that published a leak is called Scatted Lapsus $ Hunters.

Mashable previously reported in this hacker team. The group took responsibility for numerous loud hacks in recent years, including Tubiletacuster violation And At & t data leakThe field goals of the group vary from Large airlines The creators of the video game behind Grand Theft AutoField

“Contact us to restore control of data management and prevent the public disclosure of your data,” says the dark web site of hackers. Technological crunchThe field “Do not be the next heading. All messages require strict verification and will be processed at their discretion. ”

The hacker group seems to be trying to extort Salesforce directly. The group threatens to release the data of the company's customers if SalesForce does not pay a ransom.

In response, Salesforce released Security Consultations On your web -sash called “Constant answer to the threats of social engineering”:

We know about the recent attempts of extorting threats that we investigated in partnership with external experts and authorities. Our results show that these attempts are associated with past or unreasonable incidents, and we still interact with affected customers to provide support. Currently, there are no signs that the SalesForce platform has been compromised, and this is not due to some kind of well -known vulnerability in our technology.

We understand how these situations can be. The protection of the environment and customer data remains our main priority, and our security groups are fully involved in providing management and support. Since we continue to monitor the situation, we urge customers to remain vigilant regarding attempts by phishing and social engineering, which remain a general tactic for threat participants.

Leave a Comment