Scattered LAPSUS$ Hunters Claim Salesforce Breach, 1B Records, 39 Firms Listed

A new leak site has gone live, operated by the notorious group calling itself “Scattered Lapsus$ Hunters,” (a coalition that combines the tactics and branding of Scattered Spider, Lapsu$, and ShinyHunters) and it carries a bold claim that Salesforce, one of the largest SaaS and CRM providers in the world, has been breached and close to one billion records (989 million records) are up for sale.

The group says the attack took place in mid-2024 and that the stolen data amounts to multiple terabytes. In messages posted to their site, they allege the data includes highly sensitive personal information such as Social Security numbers, driver’s licenses, and dates of birth. They are now demanding that Salesforce negotiate before an October 10, 2025, deadline, warning that failure to do so will result in the release of the full ...