"On Thursday, Salesforce disclosed a breach of "certain customers' Salesforce data" - without naming affected companies - that was stolen via apps published by Gainsight, which provides a customer support platform to other companies. In a statement, Austin Larsen, the principal threat analyst of Google Threat Intelligence Group, said that the company "is aware of more than 200 potentially affected Salesforce instances.""
"The hacking group claimed responsibility for hacks affecting Atlassian, CrowdStrike, Docusign, F5, GitLab, Linkedin, Malwarebytes, SonicWall, Thomson Reuters, and Verizon. Contact Us Do you have more information about these Salesforce and Gainsight data breaches? Or other data breaches? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email. You also can contact TechCrunch via SecureDrop. Google would not comment on specific victims."
Salesforce data from more than 200 company instances was stolen through apps published by Gainsight, a customer support platform provider. Google Threat Intelligence Group identified over 200 potentially affected Salesforce instances. The hacking group Scattered Lapsus$ Hunters, which includes the ShinyHunters gang, claimed responsibility and listed multiple technology and enterprise firms among affected organizations. Google declined to comment on specific victims. CrowdStrike said it was not affected, stated customer data remains secure, and said it terminated a suspicious insider. Malwarebytes acknowledged awareness and is actively investigating. Several companies were contacted and some confirmed receipt of outreach. Secure contact channels were provided for tips.
Read at TechCrunch
Unable to calculate read time
Collection
[
|
...
]