Keypoints
- ShinyHunters is linked to recent data breaches affecting prominent companies through social engineering tactics.
- Attackers impersonated IT support and used vishing and phishing pages to steal login credentials and MFA tokens.
- Multiple affected organizations include LVMH subsidiaries, Adidas, Qantas, and Allianz, targeting their CRM systems.
- The threat group may overlap with Scattered Spider and Lapsus$, and may act as extortion-as-a-service.
- Salesforce emphasizes that their platform remains secure, urging customers to adopt best security practices like MFA and restricted app access.