ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH

ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH

Keypoints

  • ShinyHunters is linked to recent data breaches affecting prominent companies through social engineering tactics.
  • Attackers impersonated IT support and used vishing and phishing pages to steal login credentials and MFA tokens.
  • Multiple affected organizations include LVMH subsidiaries, Adidas, Qantas, and Allianz, targeting their CRM systems.
  • The threat group may overlap with Scattered Spider and Lapsus$, and may act as extortion-as-a-service.
  • Salesforce emphasizes that their platform remains secure, urging customers to adopt best security practices like MFA and restricted app access.

Read More: https://www.bleepingcomputer.com/news/security/shinyhunters-behind-salesforce-data-theft-attacks-at-qantas-allianz-life-and-lvmh/