Tech

2 min read

Hackers Exploit Gainsight Apps, Steal Data from Over 200 Companies via Salesforce

Nov 22, 2025

Hackers Exploit Gainsight Apps, Steal Data from Over 200 Companies via Salesforce

Google has confirmed that hackers stole the Salesforce-stored data of more than 200 companies in a large-scale supply chain hack. The breach was disclosed by Salesforce on Thursday, which revealed that certain customers' data was stolen via apps published by Gainsight, a customer support platform provider to other companies. According to Austin Larsen, principal threat analyst of Google Threat Intelligence Group, the company is aware of more than 200 potentially affected Salesforce instances. Salesforce's disclosure came after the notorious hacking group Scattered Lapsus Hunters, which includes the ShinyHunters gang, claimed responsibility for the hacks in a Telegram channel. The group claimed responsibility for hacks affecting Atlassian, CrowdStrike, Docusign, F5, GitLab, LinkedIn, Malwarebytes, SonicWall, Thomson Reuters, and Verizon. Scattered Lapsus Hunters is known for its involvement in high-profile data breaches and has been linked to various hacking groups. Gainsight's customer support platform is used by numerous companies to manage their customer relationships and provide support services. The platform's integration with Salesforce allows companies to store and manage their customer data within the Salesforce ecosystem. However, the breach highlights the risks associated with supply chain attacks, where hackers target third-party vendors or service providers to gain access to sensitive data. The breach has significant implications for the affected companies and their customers. "This is a wake-up call for companies to review their supply chain security and ensure that their third-party vendors are following best practices for data security," said a cybersecurity expert, who wished to remain anonymous. "Companies need to be proactive in identifying and mitigating potential security risks to prevent such breaches from occurring in the future." The current status of the breach is that Google and Salesforce are working together to investigate the incident and provide support to the affected companies. Scattered Lapsus Hunters has not released any further information about the breach, and it is unclear what data was stolen or how it was used. The incident highlights the need for companies to prioritize data security and implement robust measures to protect their sensitive information. As the investigation continues, companies are advised to review their security protocols and ensure that their third-party vendors are following best practices for data security. The breach serves as a reminder of the importance of supply chain security and the need for companies to be proactive in identifying and mitigating potential security risks.

Multi-Source Journalism

This article synthesizes reporting from multiple credible news sources to provide comprehensive, balanced coverage.

AI Analysis

Pro 🧠

Get instant insights, key points & analysis

Discussion

Join 0 others in the conversation

Comments

Likes

Views

Share Your Thoughts

Your voice matters in this discussion

Press Enter to add line breaks Tap to expand

Keep it respectful and constructive Be respectful

Start the Conversation

Be the first to share your thoughts and engage with this article. Your perspective matters!

More Stories

Discover more articles

Tech 2 months, 1 week ago

"Hackers Infiltrate Jaguar Land Rover, Sensitive Data at Risk"

Jaguar Land Rover has confirmed a cyber-attack attributed to Scattered Lapsus Hunters, which may have compromised sensitive data affecting around 1,000 vehicles per day. Initially denying customer information was stolen, JLR now admits some data was

Hoppi

7 ❤️ 0

World 1 month ago

Foreign Hackers Exploit SharePoint Flaws to Breach US Nuclear Plant

Foreign hackers have breached a US nuclear weapons plant in Kansas City, exploiting unpatched vulnerabilities in Microsoft's SharePoint software that were disclosed just weeks earlier. The intrusion, which occurred in August, has raised concerns abou

Hoppi

1 ❤️ 0

Tech 1 month, 2 weeks ago

Renault Warns UK Customers of Data Theft After Cyber-Attack on Third-Party Provider

Renault UK has fallen victim to a cyber-attack on a third-party data processing provider, resulting in the theft of customers' personal data. While no financial information was accessed, sensitive details such as names, addresses, and vehicle registr

Hoppi

0 ❤️ 0

Tech 1 month ago

Prosper Data Breach Exposes 17.6 Million Users to Identity Theft Risk

Financial services firm Prosper has suffered a massive data breach, exposing the personal details of approximately 17.6 million individuals, including Social Security numbers, income information, and government IDs. The company is offering free credi

Hoppi

0 ❤️ 0

World 1 month ago

Nation-State Hackers Wreak Havoc on F5 Network, Exposing Thousands to Risk

A major cybersecurity breach at F5, a US-based software maker, has left thousands of networks vulnerable to hacking by a nation-state group. The company's network was compromised for an extended period, allowing the hackers to access sensitive inform

Hoppi

1 ❤️ 0

Tech 4 days, 20 hours ago

DoorDash Users Exposed: Social Engineering Attack Compromises Phone Numbers and Addresses

DoorDash has confirmed a data breach that exposed users' personal information, including names, email addresses, phone numbers, and physical addresses, but assured that no sensitive financial data was accessed. The breach, caused by a social engineer

Byte_Bear

1 ❤️ 0

Tech 1 month, 2 weeks ago

Renault Warns UK Customers of Cyber-Attack on Data Provider

Renault UK has fallen victim to a cyber-attack on a third-party data processing provider, resulting in the theft of customers' personal data. While no financial information was compromised, sensitive details such as names, addresses, and vehicle iden

Hoppi

1 ❤️ 0

World 1 month ago

Nation-State Hackers Wreak Havoc on F5 Network, Thousands at Risk

A major software maker, F5, has disclosed a breach by a sophisticated nation-state hacking group, which had been secretly operating within their network for an extended period. The hackers gained control of F5's update system and accessed sensitive i

Hoppi

1 ❤️ 0

Tech 1 month, 2 weeks ago

Red Hat's Private GitLab Repositories Breached: Cybercrime Group Exposes Customer Data

Red Hat's private GitLab repositories have been breached by cybercrooks known as Crimson Collective, resulting in the potential theft of customer information and confidential source code from some Red Hat Consulting customers. The severity of the bre

Hoppi

1 ❤️ 0

World 1 month, 1 week ago

"Ransomware Hack Exposes Thousands of Personal Records"

Asahi, Japan's largest brewer, has been investigating a ransomware attack that disrupted its operations and potentially stole personal data. The company halted beer production at most of its 30 Japanese factories, but has since partially reopened the

Hoppi

0 ❤️ 0

Tech 14 hours, 56 minutes ago

CrowdStrike Fires Insider Accused of Leaking Sensitive Data to Hackers

Cybersecurity firm CrowdStrike has terminated an employee suspected of sharing internal company information with notorious hacking group Scattered Lapsus Hunters, following a breach allegedly linked to a recent hack at customer relationship managemen

Hoppi

1 ❤️ 0

Business 1 month, 1 week ago

Discord's Data Breach: Third-Party Vendor Takes Blame Amid Hack Denials

Discord's customer service partner, 5CA, has released a statement denying involvement in a data breach that affected approximately 70,000 users, contradicting Discord's earlier claims that it was the target of a hack. According to 5CA, the incident o

Hoppi

1 ❤️ 0

Tech 1 month, 3 weeks ago

Neon App Halted After Exposing Users' Phone Numbers and Call Data to Hackers

A popular iPhone app, Neon, has been taken offline after a security flaw was discovered that allowed users to access others' phone numbers, call recordings, and transcripts without permission. The vulnerability was exposed when TechCrunch tested the

Hoppi

4 ❤️ 0

AI Insights 1 month, 3 weeks ago

DEVELOPING: Hackers Alert Harrods to Massive Data Heist, 430,000 Customer Records Stolen.

Luxury department store Harrods has fallen victim to a massive IT breach, with hackers stealing sensitive customer data from a third-party provider. Approximately 430,000 customer records were compromised, but fortunately, no payment details or order

Hoppi

2 ❤️ 0

Tech 1 day, 8 hours ago

Salesforce Warns of Data Exposure Through Gainsight Apps

Salesforce has confirmed an investigation into a data breach affecting certain customers, which occurred through compromised apps published by Gainsight, a customer management platform provider. The breach appears to be linked to Gainsight's external

Pixel_Panda

1 ❤️ 0

Tech 14 hours, 56 minutes ago

Google Confirms Massive Data Heist: 200 Companies Hit in Gainsight Supply Chain Hack

In a major supply chain hack, hackers have stolen data from over 200 companies whose customer support information was stored on Salesforce, with the breach linked to a vulnerability in Gainsight's customer support platform. The notorious hacking grou

Cyber_Cat

1 ❤️ 0

Tech 1 month, 3 weeks ago

Chinese Hackers Launch Widespread Cyber Assault on US Software and Law Firms Amid Trade Tensions

Chinese state-sponsored hackers have launched a sophisticated campaign against US software developers and law firms, stealing proprietary technology and sensitive data that could aid Beijing in its trade dispute with Washington. The hacking operation

Hoppi

5 ❤️ 0

Tech 2 hours, 58 minutes ago

CrowdStrike Fires Insider Over Alleged Data Leak to Notorious Hackers

CrowdStrike has terminated an employee suspected of sharing internal company information with the notorious hacking collective Scattered Lapsus Hunters, which claims to have compromised the company through a breach at customer relationship management

Hoppi

0 ❤️ 0

World 1 month ago

Nation-State Hackers Infiltrate F5 Network, Imperiling Thousands of Customers Worldwide

A major cybersecurity breach at F5, a US-based networking software company, has left thousands of global networks vulnerable to hacking by a nation-state group. The attackers, believed to have been inside F5's network for years, gained control of the

Hoppi

2 ❤️ 0

Tech 1 month, 1 week ago

Salesforce Defies Extortionists After 1 Billion Records Stolen from Customers

Salesforce is refusing to comply with an extortion demand from a crime syndicate that claims to have stolen over 1 billion records from dozens of its customers. The threat group, known as Scattered LAPSUS Hunters, has been making demands since May an

Hoppi

1 ❤️ 0

Tech 2 weeks ago

Washington Post Confirms Oracle Hack Impact: Data Breach Exposed

A widespread data breach linked to Oracle's E-Business Suite platform has compromised sensitive information from over 100 companies, including The Washington Post, with hackers exploiting multiple vulnerabilities to steal business data and employee r

Hoppi

0 ❤️ 0

World 1 month ago

Nation-State Hackers Lurk Inside F5 Network, Threatening Thousands Globally

A major breach at F5, a US-based software maker, has left thousands of networks worldwide vulnerable to hacking by a nation-state threat group. The hackers, who have been inside F5's network for an estimated years, gained control of the company's upd

Hoppi

1 ❤️ 0

AI Insights 1 month, 1 week ago

ShinyHunters Exploit Salesforce Weakness, Leak 989M Records from Global Airlines and Firms

A group of hackers claiming affiliation with ShinyHunters has published allegedly stolen data from six major companies, including Qantas Airways, Vietnam Airlines, and Fujifilm. The compromised records contain sensitive customer information such as e

Hoppi

1 ❤️ 0

Tech 1 day, 20 hours ago

Salesforce Investigates Data Breach Linked to Gainsight Apps

Salesforce is investigating a data breach that occurred through apps published by Gainsight, a customer management platform, which accessed certain customer data through external connections to Salesforce. The breach does not appear to be related to

Byte_Bear

0 ❤️ 0

Welcome to Crene

Hackers Exploit Gainsight Apps, Steal Data from Over 200 Companies via Salesforce

Share & Engage Share

Share this article

AI Analysis

Discussion

Share Your Thoughts

Start the Conversation

More Stories

"Hackers Infiltrate Jaguar Land Rover, Sensitive Data at Risk"

Foreign Hackers Exploit SharePoint Flaws to Breach US Nuclear Plant

Renault Warns UK Customers of Data Theft After Cyber-Attack on Third-Party Provider

Prosper Data Breach Exposes 17.6 Million Users to Identity Theft Risk

Nation-State Hackers Wreak Havoc on F5 Network, Exposing Thousands to Risk

DoorDash Users Exposed: Social Engineering Attack Compromises Phone Numbers and Addresses

Renault Warns UK Customers of Cyber-Attack on Data Provider

Nation-State Hackers Wreak Havoc on F5 Network, Thousands at Risk

Red Hat's Private GitLab Repositories Breached: Cybercrime Group Exposes Customer Data

"Ransomware Hack Exposes Thousands of Personal Records"

CrowdStrike Fires Insider Accused of Leaking Sensitive Data to Hackers

Discord's Data Breach: Third-Party Vendor Takes Blame Amid Hack Denials

Neon App Halted After Exposing Users' Phone Numbers and Call Data to Hackers

DEVELOPING: Hackers Alert Harrods to Massive Data Heist, 430,000 Customer Records Stolen.

Salesforce Warns of Data Exposure Through Gainsight Apps

Google Confirms Massive Data Heist: 200 Companies Hit in Gainsight Supply Chain Hack

Chinese Hackers Launch Widespread Cyber Assault on US Software and Law Firms Amid Trade Tensions

CrowdStrike Fires Insider Over Alleged Data Leak to Notorious Hackers

Nation-State Hackers Infiltrate F5 Network, Imperiling Thousands of Customers Worldwide

Salesforce Defies Extortionists After 1 Billion Records Stolen from Customers

Washington Post Confirms Oracle Hack Impact: Data Breach Exposed

Nation-State Hackers Lurk Inside F5 Network, Threatening Thousands Globally

ShinyHunters Exploit Salesforce Weakness, Leak 989M Records from Global Airlines and Firms

Salesforce Investigates Data Breach Linked to Gainsight Apps