Overview
- The new site lists 39 alleged victims and publishes data samples, warning that full datasets will be released after October 10 unless contacted.
- Operators claim possession of roughly one billion records stored in Salesforce-hosted databases and separately urge Salesforce to negotiate to avert wider disclosure.
- Salesforce says its probe found no indication of a platform compromise or new vulnerability and describes the extortion as tied to past or unsubstantiated incidents.
- Security researchers report the breaches leveraged voice phishing and malicious OAuth app approvals that enabled large-scale extraction of Salesforce CRM data.
- Allianz Life, Google, Kering, Qantas, Stellantis, TransUnion, and Workday have confirmed data thefts, while brands named on the site such as FedEx, Hulu, and Toyota have not publicly confirmed.