A hacker group has claimed responsibility for stealing nearly 1 billion records from Salesforce by targeting companies that use its software. The cybercriminals, calling themselves “Scattered LAPSUS$ Hunters,” also took credit for earlier cyberattacks on several major British retailers, including Marks and Spencer, Co-op, and Jaguar Land Rover.
The group alleged that the stolen data contains personally identifiable information of users. However, Salesforce denied that its systems were compromised. “At this time, there is no indication that the Salesforce platform has been compromised, nor is this activity related to any known vulnerability in our technology,” a company spokesperson said.
One of the hackers, identified as Shiny, told a news agency that they did not hack Salesforce directly but instead used “vishing” attacks on its customers. Vishing, or voice phishing, is a form of social engineering where hackers impersonate company employees to trick IT help desks into providing access.
The group also published a leak site on the dark web listing about 40 companies it claimed to have breached. It remains unclear whether those companies are Salesforce clients. Both Salesforce and the hackers declined to confirm if any ransom negotiations were taking place.
In June, security researchers from a major technology firm reported that the same group, tracked as “UNC6040,” had been successful in deceiving employees into installing a tampered version of Salesforce’s Data Loader tool, which is used to import bulk data. Investigators also noted that the group’s technical operations share similarities with “The Com,” a loosely organised cybercriminal network known for engaging in coordinated hacking and other illicit activities.
In July, British authorities arrested four individuals under the age of 21 in connection with cyberattacks that disrupted operations at several UK retailers.
While the hackers’ claims about stealing almost a billion records remain unverified, the incident highlights the growing threat of social engineering attacks targeting cloud service users and enterprise IT systems.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter |The Mainstream formerly known as CIO News Whatsapp Channel | The Mainstream formerly known as CIO News Instagram
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
