Another Salesforce-linked data breach has ShinyHunters’ fingerprints all over it

Salesforce has disclosed another third-party breach in which criminals - likely ShinyHunters (again) - may have accessed its customers' data.

This time, the suspicious activity involves Gainsight-published applications connected to Salesforce, which are installed and managed directly by customers. 

"Our investigation indicates this activity may have enabled unauthorized access to certain customers' Salesforce data through the app's connection," the CRM giant said in a security advisory published late Wednesday.

"Per our update, upon detecting the activity, Salesforce revoked all active access and refresh tokens associated with Gainsight-published applications connected to Salesforce and temporarily removed those applications from the AppExchange while our investigation continues," Salesforce spokesperson Allen Tsai told The Register. 

Tsai declined to answer specific questions about the breach, including how many customers were compromised - the company has notified those affected, he said - and who is behind the latest theft of Salesforce customers' data. 

"There is no indication that this issue ...