Qantas Response

Salesforce Refuses Ransom as Hacker Collective Lists 39 Victims, Sets Oct. 10 Deadline

Investigations point to social engineering with stolen OAuth tokens against customer environments, not a breach of Salesforce itself.