
"Calling themselves Scattered LAPSUS$ Hunters, the miscreants appear to be members of the notorious Lapsus$, Scattered Spider, and ShinyHunters groups. Lapsus$ has been inactive since 2022, when Scattered Spider emerged. ShinyHunters first appeared in 2020 and joined forces with Scattered Spider earlier this year. They jointly announced their retirement last month. The hackers, who claim the theft of a total of roughly 1 billion records from the affected organizations' Salesforce instances, told DataBreaches that other businesses have been hit as well,"
"On a new Tor-based leak site, Scattered LAPSUS$ Hunters has listed 39 organizations targeted in their recent Salesforce campaign, claiming the theft of their data from Salesforce instances and threatening to leak it unless the CRM provider pays a ransom. The list includes known brands such as Adidas, Air France/KLM, Allianz Life, Cisco, Dior, Disney, FedEx, Google, Home Depot, Kering, Louis Vuitton, Qantas, Stellantis, Toyota, TransUnion, UPS, and Workday."
"In a notice on its website, Salesforce said it had no indication that its platform might have been hacked, and that the group's claims do not appear related to vulnerabilities in its platform. "We are aware of recent extortion attempts by threat actors, which we have investigated in partnership with external experts and authorities. Our findings indicate these attempts relate to past or unsubstantiated incidents, and we remain engaged with affected customers to provide support," Salesforce said."
An apparent collective calling itself Scattered LAPSUS$ Hunters claims to have stolen large volumes of data from dozens of Salesforce customers and is demanding ransom from Salesforce and victims. The group claims roughly 1 billion records were taken from affected Salesforce instances and listed 39 targeted organizations on a Tor-based leak site. Targeted brands include Adidas, Air France/KLM, Allianz Life, Cisco, Dior, Disney, FedEx, Google, Home Depot, Kering, Louis Vuitton, Qantas, Stellantis, Toyota, TransUnion, UPS, and Workday. Salesforce reports no indication its platform was hacked and states the claims appear unrelated to platform vulnerabilities. External investigators and authorities are involved in inquiries.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]