Hacking group claims theft of 1 billion records from Salesforce customer databases | TechCrunch
Key Takeaways
- A hacking group (known as Lapsus$, Scattered Spider, ShinyHunters) launched a dark web site to extort victims.
- The group claims to have stolen about a billion records from companies using Salesforce cloud databases.
- High-profile victims confirmed to have data stolen include Allianz Life, Google, Kering, Qantas, and Stellantis.
- The hackers are directly threatening Salesforce to negotiate a ransom to prevent customer data leaks.
- Salesforce acknowledged the extortion attempts but stated there is no indication their platform was compromised.
A notorious and loosely organized hacking group, known under aliases such as Lapsus$, Scattered Spider, and ShinyHunters, has launched a dedicated data leak site on the dark web to extort victims. This group is threatening to release approximately one billion customer records stolen from various companies that utilize cloud databases hosted by Salesforce. Several major entities, including Allianz Life, Google, Kering, Qantas, Stellantis, TransUnion, and Workday, have confirmed data theft, and the leak site also lists others like FedEx and Hulu. The hackers demand payment to prevent public disclosure, directly threatening Salesforce to negotiate a ransom for its customers' data. Salesforce has acknowledged the extortion attempts, stating their findings suggest the incidents are past or unsubstantiated, and affirming that their platform itself has not been compromised, though they are supporting affected customers.
