ShinyHunters Hackers Threaten 400 Firms Over Stolen Salesforce Data

ShinyHunters claims to have stolen data from 400 firms via Salesforce portals and is threatening to leak the information unless ransom demands are paid.

ShinyHunters, the notorious group of hackers, has issued a final warning to roughly 400 organisations, claiming to have successfully broken into their private records. The group is threatening to leak this sensitive information onto the internet unless their extortion demands are met. According to previous research firm Mandiant, the hackers are specifically targeting websites built using Salesforce Experience Cloud, a popular tool businesses use to create public portals and help centres.

How the Information Was Taken

The issue centres on how these websites are set up for public use. Salesforce provides a guest user profile so that random visitors can see basic information without needing to log in. However, if a company’s settings are too open, it essentially leaves a security gap. Investigation has revealed ...