ShinyHunters Breach Gainsight Apps on Salesforce, Claim Data from 1000 Firms

ShinyHunters breached Gainsight apps integrated with Salesforce, claiming access to data from 1000 firms using stolen credentials and compromised tokens.

Salesforce, a renowned customer relationship management (CRM) platform, has confirmed it is dealing with a significant security incident. The company announced late Wednesday that some of its customers’ data was likely accessed by an outside party through an issue involving apps published by Gainsight, a company that provides customer success software.

“Our investigation indicates this activity may have enabled unauthorised access to certain customers’ Salesforce data through the app’s connection,” Salesforce’s official update stated.

The problem lies with the access tokens used by Gainsight’s connected applications, which are basically special digital keys allowing the apps to link to Salesforce systems. Attackers managed to steal and use these keys to bypass normal security.

Salesforce responded fast, immediately revoking all active tokens for the affected Gainsight apps and removing ...