Google Confirms Massive Data Heist: 200 Companies Hit in Gainsight Supply Chain Hack

Google has confirmed that hackers stole the Salesforce-stored data of more than 200 companies in a large-scale supply chain hack. The breach was disclosed by Salesforce on Thursday, which stated that certain customers' data was stolen via apps published by Gainsight, a customer support platform provider to other companies. According to a statement from Austin Larsen, principal threat analyst of Google Threat Intelligence Group, the company is aware of more than 200 potentially affected Salesforce instances. Salesforce did not name the affected companies, but the notorious hacking group Scattered Lapsus Hunters, which includes the ShinyHunters gang, claimed responsibility for the hacks in a Telegram channel, which TechCrunch has seen. The group claimed responsibility for hacks affecting Atlassian, CrowdStrike, Docusign, F5, GitLab, LinkedIn, Malwarebytes, SonicWall, Thomson Reuters, and Verizon. In a statement, Austin Larsen said, "We are aware of more than 200 potentially affected Salesforce instances and are working closely with the company to understand the scope of the breach." Larsen's statement highlights the scale of the breach, which has significant implications for the affected companies and their customers. Gainsight's customer support platform is designed to help companies manage their customer relationships and provide support to their customers. The platform is used by a wide range of companies, including those in the tech industry. The breach highlights the importance of supply chain security and the need for companies to ensure that their third-party vendors are secure. The breach also raises concerns about the security of Salesforce's data storage practices. Salesforce stores data for its customers, including sensitive information such as customer names, email addresses, and financial information. The breach highlights the need for companies to ensure that their data is secure and protected from unauthorized access. The Scattered Lapsus Hunters hacking group has been linked to several high-profile breaches in the past, including a breach of the software company F5 in 2021. The group's use of Telegram to claim responsibility for the hacks suggests that they are using the platform to communicate with other hackers and coordinate their attacks. The breach has significant implications for the affected companies and their customers. The companies affected by the breach will need to take steps to notify their customers and provide them with information about the breach. They will also need to take steps to protect their customers' data and prevent further unauthorized access. As the investigation into the breach continues, it is likely that more information will come to light about the scope and impact of the breach. The breach highlights the need for companies to prioritize supply chain security and ensure that their third-party vendors are secure. It also highlights the need for companies to take steps to protect their customers' data and prevent further unauthorized access. Google, Salesforce, and the affected companies are working closely together to understand the scope of the breach and prevent further unauthorized access. The investigation is ongoing, and it is likely that more information will come to light in the coming days and weeks.