A cyber extortion group, claiming links to ShinyHunters, Scattered Spider, and Lapsus$, has launched a data leak site targeting companies affected by Salesforce breaches. They are demanding ransom payments and warning of data leaks involving well-known brands and organizations. #ShinyHunters #Lapsus$ #SalesforceBreach
Keypoints
- The extortion group has created a new data leak site with details of affected companies and stolen data samples.
- High-profile organizations like FedEx, Disney, Google, and IKEA are among those targeted or impacted.
- The attackers have used voice phishing and OAuth token theft to access Salesforce data and threaten further extortion.
- Salesforce has stated no known vulnerabilities or platform compromise related to the breaches.
- The threat group demands ransom payments to prevent data leaks and claims to target affected companies with future attacks.