Extortion Group Leaks Millions of Records From Salesforce Hacks

The Scattered LAPSUS$ Hunters extortion group has leaked millions of records allegedly stolen in a recent campaign targeting Salesforce customers.

The leak occurred days after the group, an offshoot of the notorious Lapsus$, Scattered Spider, and ShinyHunters hackers, claimed the theft of data from 39 Salesforce customers, threatening to leak it unless the CRM provider pays a ransom.

Salesforce, which stated that the extortion attempt is related to “past or unsubstantiated incidents”, refused to pay, and the hackers have published on their Tor-based leak site data allegedly pertaining to Albertsons, Engie Resources, Fujifilm, GAP, Qantas, and Vietnam Airlines.

The threat actors also provided links to the leaked data to paying users on a surface-web forum, and then published the data for free on another clear-net website.

In a statement on its website, Qantas, which obtained a court injunction to block access to the allegedly stolen information, confirmed it was analyzing ...