Around 1B Salesforce customer records have been stolen, claim hackers
What's the story
A hacking group has claimed to have stolen nearly one billion customer records from companies using Salesforce's cloud databases. The group, Scattered Lapsus$ Hunters, is a coalition of members from notorious hacking groups Scattered Spider, Lapsus$, and ShinyHunters. They allegedly broke into the cloud databases of several companies on the Salesforce platform, and stole huge amount of customer data.
Ransom demand
Hackers set up dark web site listing breached companies
The Scattered Lapsus$ Hunters hacking group has set up a dark web site listing the companies it has hacked. The site warns these companies to "contact us to regain control... and prevent public disclosure of your data." This is a common tactic used by hackers to extort money from their victims in exchange for not releasing stolen information.
Previous activities
Hacking group linked to now-banned Telegram channel
The hacking group has also been linked to a now-banned Telegram channel where members coordinated threats and teased leaks. The group is said to have worked together on high-profile campaigns such as the Salesforce database breaches.
Data exposure
Several companies have confirmed customer data was stolen
Insurance firm Allianz Life confirmed a breach affecting most of its 1.4 million US customers, including sensitive details like Social Security numbers. Credit bureau TransUnion also reported that names and Social Security numbers of 4.4 million customers were exposed in the attack. Other companies such as luxury goods conglomerate Kering and airline Qantas also confirmed similar breaches but did not provide further details about the stolen information.
Salesforce's response
Salesforce denies its platform was compromised
Salesforce has denied that its platform was compromised in these attacks. The company said it has been working with affected companies to provide support. However, the hackers did mention Salesforce by name on their leak site, demanding that the company negotiate or risk all "your customers' data will be leaked."