Salesforce Details Supply Chain Attack Targeting Gainsight

Cybercrime Group ShinyHunters Claims to Steal Data From 300 Organizations Mathew J. Schwartz (euroinfosec) • November 24, 2025

Hackers who took responsibility for stealing Salesforce data through integrated customer relationship software published by Gainsight claimed to have robbed more than 300 organizations.

See Also: Why Cyberattackers Love 'Living Off the Land'

In a post to a new Telegram channel launched Friday, cybercrime group Scattered Lapsus$ Hunters asserted that victims include F5, GitLab, SonicWall and Verizon (see: ShinyHunters Hack Salesforce Instances Via Gainsight Apps).

Members of the Scattered Lapsus$ Hunters collective, largely comprised of Western adolescents, said that when combined with data stolen this past summer from users of the Salesloft Drift app, a forthcoming data leak site will feature information stolen from 1,000 organizations.

Gainsight hasn't confirmed how many customer organizations' data was stolen. The company said that when Salesforce first detected signs of the ...