New Salesforce Extortion Campaign Could Impact 1 Billion Records

 Cybercriminals connected to a recent string of ransomware attacks on major British retailers have claimed to have stolen nearly 1 billion records from companies that store customer data in cloud databases hosted by Salesforce.

 The same hacking collective—known by aliases such as Lapsus$, Scattered Spider, and ShinyHunters—launched a dark web site called Scattered LAPSUS$ Hunters in early October to extort victims, threatening to publish stolen information unless a ransom is paid.

The hackers’ site, first spotted by threat researchers and reported by TechCrunch October 3, demands ransom payments from companies to prevent the release of stolen data. 

The group alleges it has breached the databases of dozens of major companies—including Allianz Life, Google, Kering, Qantas, Stellantis, TransUnion, and Workday—by exploiting access to Salesforce-based environments. Other high-profile names such as FedEx, Hulu, and Toyota Motors also appear on the leak site.

While some organizations have confirmed data exposure, it’s unclear whether others have quietly paid ransoms to prevent public release. A spokesperson for Salesforce said the company is aware of the extortion attempts but maintains there is no evidence that its core platform was compromised.

“Our findings indicate these attempts relate to past or unsubstantiated incidents, and we remain engaged with affected customers to provide support,” Salesforce stated.

TransUnion Another Recent Target

Another recent victim of the Salesforce breach is credit reporting giant TransUnion, already reeling from a September breach affecting 4.4 million individuals, has acknowledged that its recent incident involved a third-party platform used for U.S. consumer support operations—likely connected to this broader Salesforce-linked campaign.

The company confirmed that while credit reports and core credit data were not accessed, the exposed information includes names, birthdates, and Social Security numbers—enough to enable identity theft. Impacted consumers are being offered 24 months of free credit monitoring and fraud assistance.

https://enfortra.com/new-salesforce-extortion-campaign-could-impact-1-billion-records/

Comments

Post a Comment

Popular posts from this blog

Business fraud Protection a requirement to remain Secure Online

  Identity robbery may be a first-rate situation and zip seems worse than losing your identity and every one your economic facts. within the web global, identities can easily be stolen, abused and wont to such volume that your profession, financial capability, and personal relationships could also be broken. fraud can show up to all or any folks . The worst part is, it's ready to occur discreetly, without you understanding that your identification has already been stolen. within the web world, it is possible that an individual is residing the utilization of your identity .   There are several ways on how you'll protect your identification on line and display your credit report on a standard foundation . Business fraud protection are very discreet when stealing identities and credits hence the necessity to repeatedly maintain an eye fixed to your credit records and credit score reports. Read on to seek out out approaches on how you'll shield your identification:  ...
Read more

Safeguarding Businesses in the Digital Age

  The Rising Need for Cybersecurity In an era where data is a cornerstone of business success, protecting sensitive information has never been more critical. Identity Protection Solution For Businesses offers a robust framework to shield companies from the growing threat of cyberattacks. As organizations increasingly rely on digital platforms to manage operations, customer interactions, and financial transactions, the risk of identity theft and data breaches escalates. These threats can lead to significant financial losses, reputational damage, and legal repercussions. By implementing comprehensive security measures, businesses can safeguard their assets and maintain trust with clients and partners, ensuring resilience in a rapidly evolving digital landscape. Understanding Identity Protection Solutions The essence of an Identity Protection Solution For Businesses lies in its ability to secure sensitive data and prevent unauthorized access. These solutions encompass a range of...
Read more

How Identity Protection Solutions Safeguard Businesses from Cyber Threats

  In today's digital landscape, businesses face increasing threats from cybercriminals who exploit vulnerabilities to gain unauthorized access to sensitive information. An effective identity protection solution for businesses is no longer a luxury but a necessity. Organizations must implement advanced security measures to safeguard customer data, employee records, and proprietary information. With cyberattacks evolving in complexity, breach detection services play a crucial role in identifying potential threats before they cause irreparable damage. Cyber threats have significantly escalated in recent years, affecting companies of all sizes and industries. Data breaches, phishing attacks, and identity theft can lead to severe financial losses and reputational damage. Without a proactive approach to cybersecurity, businesses remain at risk of falling victim to these attacks. A comprehensive identity protection solution for businesses includes real-time monitoring, risk assessment,...
Read more