#salesforce-data-breach

[ follow ]
#oauth-token-theft #salesloft-compromise #extortion #oauth-token-compromise #salesloftdrift
fromDataBreaches.Net
1 week ago

ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks - DataBreaches.Net

The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. For the past year, the threat actors have been targeting Salesforce customers in data theft attacks using social engineering and malicious OAuth applications to breach Salesforce instances and download data. The stolen data is then used to extort companies into paying a ransom to prevent the data from being publicly leaked.
Information security
Information security
fromwww.theregister.com
3 weeks ago

Zscaler customer data also nabbed in Salesloft Drift attacks

Stolen Salesloft Drift OAuth tokens enabled attackers to exfiltrate Salesforce customer data, exposing contacts, cases, opportunities, and commercial information for multiple companies.
[ Load more ]