Intrusions exploiting stolen Salesloft Drift OAuth tokens were claimed by the ShinyHunters hacking operation, also known as UNC6040, to have resulted in the theft of more than 1.5 billion Salesforce records from 760 organizations, according to BleepingComputer.After compromising Salesloft's GitHub repository in March, ShinyHunters disclosed that it leveraged the TruffleHog security tool to discover and pilfer Salesloft Drift and Drift Email OAuth tokens from the source code, which were later used to steal corporate records from various Salesforce object tables.More than a third of the exfiltrated records were from the "Contact" object table, while nearly 459 million, almost 250 million, 171 million, and 60 million records were obtained from the "Case", "Account", "Opportunity", and "User" tables, respectively, said ShinyHunters.Such a development comes after ShinyHunters and other threat groups part of the Scattered Spider hacking collective disclosed ceasing their operations amid increased law enforcement pressure. However, Scattered Spider was noted by ReliaQuest to have been targeting financial organizations since July.
Supply chain, Data Security, Breach
Over 1.5B Salesforce records impacted by ShinyHunters’ Salesloft Drift hack

(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



