Suche
Mein Konto
Massive data theft: 1 billion Salesforce records at risk!
Cybercriminals claim to have stolen 1 billion data from Salesforce, attack via vishing. Security alerts are rising.
Massive data theft: 1 billion Salesforce records at risk!
Cybercriminals have stolen nearly 1 billion records from companies using Salesforce, according to recent reports. The perpetrators, who present themselves as part of the hacker group “LAPSUS$” and call themselves “Scattered LAPSUS$ Hunters,” claim to have carried out their attacks using “vishing” techniques. In these manipulations, they pose as employees or technical staff in order to deceive help desk employees and obtain sensitive information. These activities were detailed in a report on dailyhodl.com.
The hackers are using modified versions of Salesforce’s Data Loader tool to extract data from the affected environments. However, Salesforce itself has emphasized that there is “no evidence that the Salesforce platform has been compromised.” The company is currently working with affected customers to provide support and investigate the extortion attempts. It remains to be seen whether the information published by the hacking group on its dark web leak page, where a list of around 40 alleged compromised companies was published, is actually accurate.
Investigations and previous arrests
British police have already arrested four people under the age of 21 in connection with previous attacks on retailers. Cybersecurity experts have expressed concern that these operations may be connected to a larger criminal ecosystem known as “The Com.” This organization is known for carrying out multiple attacks on companies across a wide range of industries.
The warning of John Hultquist, an analyst at Google's cyber security department, is particularly worrying. He emphasizes that US retailers are increasingly confronted with cyber attacks that contain ransomware and blackmail tactics. Google also reports that the UNC3944 group has been using ransomware and data theft generation since the beginning of 2023, including various industries, including financial services and food services.
The current situation clearly shows the dangers resulting from the hybrid nature of cyber attacks. Companies are increasingly required to strengthen their security measures and arm themselves against attackers' increasingly sophisticated methods.