Salesforce Facing Major Cyber Threat: Billion Records at Risk
Salesforce faces a renewed threat from cybercriminals, with a group claiming to have accessed data from around 40 companies using the platform. The group, now calling itself Scattered LAPSUS$ Hunters, is demanding a hefty ransom to prevent a billion customer records from being leaked online.
Google's internal Salesforce environment was hit by a similar attack in June, according to the Google Threat Intelligence Group (GTIG). The threat is linked to the UNC6040 group, known for telephone social engineering attacks, or vishing. Salesforce, however, has no evidence that its own platform has been hacked, considering the threats based on previous or unconfirmed incidents.
The reemergence of Scattered LAPSUS$ Hunters, associated with previous cybercrime activities, indicates that financially motivated cyber groups remain active despite arrests and promises to stop. The group is demanding $989 million to prevent the data leak. Both Google and Salesforce recommend organizations to bolster security by implementing measures such as limited rights for Data Loader use, strict control of connected apps, IP-based access restrictions, and mandatory multi-factor authentication.
The threat from cybercriminals targeting Salesforce is serious, with a group claiming to have accessed data from around 40 companies. The demand for a substantial ransom highlights the financial motivation behind these attacks. Organizations are urged to strengthen their security measures to protect customer data.
