Pandora has experienced a data breach, compromising customer names, birthdates, and emails through a Salesforce database attack. This incident highlights the ongoing threat of social engineering and phishing campaigns targeting enterprise platforms like Salesforce. #Salesforce #ShinyHunters
Keypoints
- Pandora’s customer data was accessed via a third-party platform, likely Salesforce.
- The stolen information includes only names, birthdates, and email addresses, with no financial data compromised.
- Threat actors have been conducting sophisticated social engineering and phishing campaigns since early 2025.
- Companies are urged to follow Salesforce’s security recommendations, including enabling multi-factor authentication.
- Other impacted organizations include Adidas, Qantas, Allianz, Louis Vuitton, Dior, and Tiffany & Co.