"Now, a cadre of the customers are taking the San Francisco tech giant to court. Salesforce has now been sued at least 14 times over the data thefts in Northern California District Court this September, court records obtained by SFGATE show. The barrage features 23 plaintiffs, hundreds of pages of legal filings and, varying by the lawsuit, a few high-profile co-defendants: TransUnion, Allianz Life Insurance, Farmers Insurance, Workday and Pandora Jewelry."
"Google's Threat Intelligence team diagnosed some of the hacks in June, with the cybersecurity group writing that representatives from a hacker group impersonate IT support personnel on voice calls with companies' workers, and trick them into "authorizing a malicious connected app to their organization's Salesforce portal." "This step inadvertently grants [the hacker group] significant capabilities to access, query, and exfiltrate sensitive information directly from the compromised Salesforce customer environments," Google's team wrote."
A wave of cyberattacks targeted corporate Salesforce accounts, allowing hackers to extract extensive customer data. At least 14 lawsuits with 23 plaintiffs in Northern California allege Salesforce failed to secure its platform and seek class-action status, naming various corporate co-defendants. Google Threat Intelligence reported attackers impersonated IT support on voice calls to trick employees into authorizing a malicious connected app, which granted the intruders capabilities to access and exfiltrate sensitive data from customer environments. The attackers, identified as ShinyHunters, may publish stolen data or extort victims, including by privately emailing ransom demands. Salesforce maintains the breaches did not stem from vulnerabilities in its technology.
Read at SFGATE
Unable to calculate read time
Collection
[
|
...
]