Threat Intelligence

New Scattered Lapsus$ Hunters escalates Salesforce extortion

Salesforce American cloud-based software company in Manhattan, New York, NY, USA. August 24, 2024

Hacking conglomerate Scattered Lapsus$ Hunters, or the Trinity of Chaos, which consists of the Scattered Spider, Lapsus$, and ShinyHunters groups, has intensified efforts to extort victims of the widespread Salesforce hack with a new data leak site, BleepingComputer reports.

Thirty-nine high-profile organizations, including Google, Cisco, FedEx, Disney/Hulu, Toyota, Marriott, and IKEA, were listed by Scattered Lapsus$ Hunters to have been impacted by the incident, which allegedly resulted in the breach of nearly 1 billion records.

"All of them have been contacted long ago, they saw the email because I saw them download the samples multiple times. Most of them chose to not disclose and ignore," said the threat actors. Aside from urging victims to pay before Oct. 10, attackers also sought Salesforce to provide the demanded ransom to spare its clients from having their data exposed. Salesforce downplayed the claims, which it noted to involve "past or unsubstantiated incidents."

"At this time, there is no indication that the Salesforce platform has been compromised, nor is this activity related to any known vulnerability in our technology," Salesforce added.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds