Particle.news
Download on the App Store
6 ARTICLES
·
2h ago

Hackers Launch 'Scattered LAPSUS$ Hunters' Leak Site Claiming 1 Billion Salesforce-Hosted Records

The coalition opened a dark-web site setting an October 10 deadline to pressure companies to pay.

Image
Image
A logo of Salesforce is seen at its exhibition space, at the Viva Technology conference dedicated to innovation and startups at the Porte de Versailles exhibition center in Paris, France June 16, 2022. REUTERS/Benoit Tessier
Image

Overview

  • The new site lists 39 alleged victims and publishes data samples, warning that full datasets will be released after October 10 unless contacted.
  • Operators claim possession of roughly one billion records stored in Salesforce-hosted databases and separately urge Salesforce to negotiate to avert wider disclosure.
  • Salesforce says its probe found no indication of a platform compromise or new vulnerability and describes the extortion as tied to past or unsubstantiated incidents.
  • Security researchers report the breaches leveraged voice phishing and malicious OAuth app approvals that enabled large-scale extraction of Salesforce CRM data.
  • Allianz Life, Google, Kering, Qantas, Stellantis, TransUnion, and Workday have confirmed data thefts, while brands named on the site such as FedEx, Hulu, and Toyota have not publicly confirmed.