Salesforce is actively investigating extortion attempts by the Scattered Spider group, which has published a data leak site claiming to have stolen data from major organizations. Although there is no evidence of Salesforce platform vulnerabilities, threat actors continue to target organizations through social engineering and phishing tactics. #ScatteredSpider #SocialEngineering
Keypoints
- The Scattered Spider group created a data leak site threatening Salesforce and its customers.
- Salesforceβs investigation suggests the threats relate to past or unverified incidents, not platform vulnerabilities.
- The group exploits social engineering tactics, such as impersonating IT support to access Salesforce data.
- Most victims, including Google, had their Salesforce data limited to publicly available business information.
- Cybercriminals affiliated with Scattered Spider have reportedly extorted over $115 million across 120 attacks since 2022.
Read More: https://therecord.media/salesforce-scattered-spider-extortion-site