Major U.S insurance provider Farmers Insurance had information from more than 1.1 million customers pilfered following the compromise of a third-party vendor-hosted database in late May, reports BleepingComputer.
Unauthorized database access allowed threat actors to exfiltrate individuals' names, birthdates, addresses, driver's license numbers, and the last four digits of their Social Security numbers, said Farmers in a breach notification that noted the third-party vendor's immediate detection and containment of the illicit cyber activity. Despite the lack of details regarding the intrusion, BleepingComputer has found the breach to be related to the sweeping Salesforce data breach campaign that has been ongoing since earlier this year. Google, Cisco, Allianz Life, Adidas, Qantas, Workday, and LVMH subsidiaries were among the organizations victimized by such attacks, which involved extortion demands from the ShinyHunters hacking group. "Like we have said repeatedly already, ShinyHunters and Scattered Spider are one and the same. They provide us with initial access and we conduct the dump and exfiltration of the Salesforce CRM instances. Just like we did with Snowflake," said ShinyHunters.
Unauthorized database access allowed threat actors to exfiltrate individuals' names, birthdates, addresses, driver's license numbers, and the last four digits of their Social Security numbers, said Farmers in a breach notification that noted the third-party vendor's immediate detection and containment of the illicit cyber activity. Despite the lack of details regarding the intrusion, BleepingComputer has found the breach to be related to the sweeping Salesforce data breach campaign that has been ongoing since earlier this year. Google, Cisco, Allianz Life, Adidas, Qantas, Workday, and LVMH subsidiaries were among the organizations victimized by such attacks, which involved extortion demands from the ShinyHunters hacking group. "Like we have said repeatedly already, ShinyHunters and Scattered Spider are one and the same. They provide us with initial access and we conduct the dump and exfiltration of the Salesforce CRM instances. Just like we did with Snowflake," said ShinyHunters.
