Salesforce Refuses to Pay Extortion Demand Following 1 Billion Records Breach
In a bold move, Salesforce has announced that it will not pay an extortion demand made by a crime syndicate claiming to have stolen approximately 1 billion records from dozens of its customers. The threat group, identified as Scattered LAPSUS Hunters, began their campaign in May with voice calls to organizations using the Salesforce platform.
According to Mandiant, a cybersecurity firm that tracks the group as UNC6040, the attackers would pose as legitimate callers and convince targets to connect an attacker-controlled app to their Salesforce portal. "It's becoming a real mess," said a spokesperson for Mandiant. "The fact that many of these organizations complied with the attackers' demands is alarming."
The Scattered LAPSUS Hunters group has been linked to three prolific data-extortion actors: Scattered Spider, LAPSuS, and ShinyHunters. Earlier this month, they created a website naming 40 Salesforce customers whose data was stolen in the campaign, including Toyota and FedEx.
Salesforce's decision not to pay the extortion demand is seen as a significant development in the ongoing battle against cybercrime. "We will not be intimidated by these threats," said a spokesperson for Salesforce. "Our focus remains on protecting our customers' data and providing them with the best possible security solutions."
The breach highlights the growing threat of data-extortion attacks, which have become increasingly sophisticated in recent years. These types of attacks often involve attackers threatening to release sensitive information unless a ransom is paid.
In this case, the Scattered LAPSUS Hunters group claims to have stolen 1 billion records from Salesforce customers. While the exact nature and scope of the breach are still unclear, it is evident that the attackers have made significant inroads into the Salesforce ecosystem.
The implications of this breach are far-reaching, with potential consequences for both individual organizations and the broader cybersecurity community. As one expert noted, "This type of attack highlights the need for robust security measures and a proactive approach to threat detection."
Salesforce has assured its customers that it is working closely with law enforcement agencies to investigate the breach and bring those responsible to justice. The company has also emphasized its commitment to protecting customer data and providing them with the necessary tools and resources to prevent similar attacks in the future.
As the investigation continues, one thing is clear: the Scattered LAPSUS Hunters group will not be able to extort money from Salesforce or its customers without facing significant consequences.
*Reporting by Arstechnica.*
Salesforce Defies Extortionists After 1 Billion Records Stolen from Customers
1
0
