CSOonline

Extortion gang opens data leak site to squeeze victims of its Salesforce attacks

The Scattered Lapsus$ Hunters gang, which says it has stolen data from the Salesforce instances of dozens of international companies in recent months, upped its extortion game today by listing their ...
Krebs on Security

The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many ...
Bleeping Computer

ShinyHunters claims ongoing Salesforce Aura data theft attacks

Salesforce is warning customers that hackers are targeting websites with misconfigured Experience Cloud platforms that give guest users access to more data than intended. However, the ShinyHunters ...
Law

Lawsuits Over Salesforce-Linked Data Breaches to Test Third-Party Vendors’ Liability

Companies that handle large volumes of customers’ personal information have been repeatedly targeted by cyberattacks in recent years, and there is nothing new about third-party software vendors being ...
Infosecurity-magazine.com

New Data Theft Campaign Targets Salesforce via Salesloft App

Salesforce customers have again been targeted in a “widespread data theft campaign,” this time via compromised OAuth tokens associated with the third-party Salesloft Drift application. Salesloft Drift ...
Bleeping Computer

Salesforce investigates customer data theft via Gainsight breach

Salesforce says it revoked refresh tokens linked to Gainsight-published applications while investigating a new wave of data theft attacks targeting customers. The cloud-based software company noted ...