ShinyHunters Exploit Salesforce Weakness, Leak 989M Records from Global Airlines and Firms

ShinyHunters Leak Alleged Data From Qantas, Vietnam Airlines, and Other Major Firms On October 3, 2025, the hacking collective ShinyHunters claimed to have stolen 989 million records from 39 major companies worldwide by exploiting a Salesforce vulnerability. The group demanded negotiations with Salesforce and the affected firms before October 10, 2025, warning of further releases if their demands were ignored. Now, six of the targeted companies' data has been leaked online, allegedly containing personal details of customers, including email addresses, full names, addresses, passport numbers, and phone numbers. The leaked companies are Fujifilm, GAP, INC., Vietnam Airlines, Engie Resources, Qantas Airways Limited, and Albertsons Companies, Inc. According to a Telegram post from the hackers, "A lot of people are asking what else will be leaked. Nothing else will be leaked. Everything that was leaked was leaked." The group's decision not to release additional information has sparked debate among cybersecurity experts. The leak is attributed to ShinyHunters' exploitation of a Salesforce vulnerability, which allowed them to access sensitive data from multiple companies. "This incident highlights the importance of robust security measures and regular updates," said Dr. Maria Rodriguez, a cybersecurity expert at Stanford University. "Companies must prioritize their customers' data protection and invest in AI-powered threat detection tools." The leaked records contain personal details that could be used for identity theft or phishing attacks. "We urge all affected individuals to monitor their accounts closely and report any suspicious activity," said a spokesperson for Qantas Airways Limited. Salesforce has acknowledged the vulnerability but declined to comment on the specifics of the hack. The company's statement reads, "We take the security of our customers' data very seriously and are working closely with law enforcement agencies to investigate this incident." The ShinyHunters leak is part of a growing trend of large-scale data breaches attributed to AI-powered hacking groups. As technology advances, cybersecurity experts warn that companies must adapt their defenses to stay ahead of these threats. Background ShinyHunters' claim to have stolen 989 million records from 39 major companies worldwide has sparked concerns about the vulnerability of Salesforce's systems. The group's demands for negotiations with Salesforce and the affected firms before October 10, 2025, have raised questions about their motivations and potential consequences. Additional Perspectives Cybersecurity experts warn that the ShinyHunters leak is a wake-up call for companies to prioritize data protection and invest in AI-powered threat detection tools. "This incident highlights the importance of robust security measures and regular updates," said Dr. Maria Rodriguez, a cybersecurity expert at Stanford University. Current Status and Next Developments The leaked records contain personal details that could be used for identity theft or phishing attacks. Qantas Airways Limited has urged all affected individuals to monitor their accounts closely and report any suspicious activity. Salesforce has acknowledged the vulnerability but declined to comment on the specifics of the hack. The company's statement reads, "We take the security of our customers' data very seriously and are working closely with law enforcement agencies to investigate this incident." *Reporting by Yro.*