Overview
- The Register says it has viewed 15 filings in recent weeks in Northern California, with many cases seeking class certification and injunctive relief.
- Complaints allege stolen personal data has heightened identity‑theft risk, naming co‑defendants including TransUnion, Allianz, Farmers, Workday, and Pandora.
- Google’s Threat Intelligence Group reports attackers tricked employees into authorizing malicious connected apps rather than exploiting a Salesforce platform vulnerability.
- Filings cite token theft tied to Salesloft’s Drift integration following a March 2025 GitHub breach, and Salesforce subsequently revoked Drift’s access.
- Company notices and state filings indicate millions affected, including nearly 4.5 million at TransUnion and more than a million each at Allianz and Farmers, with reports linking extortion efforts to ShinyHunters.