ShinyHunters’ Salesforce Shenanigans: Data Breach Drama Hits Big Brands

Salesforce emphasizes that the platform itself isn’t compromised, but rather customers are falling victim to social engineering attacks. The ShinyHunters extortion group has been exploiting this by using voice phishing, leaving companies like Qantas and Adidas in a data breach bind. Remember, folks, it’s not Salesforce, it’s you—so maybe enable that multi-factor authentication, eh?

3P
Published: July 30, 2025 7:55 pmAdded: July 30, 2025 at 1:11 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

It seems like the ShinyHunters group is out here turning “extortion” into an art form with a splash of vishing and a sprinkle of Salesforce. Who knew cybercrime could be so… entrepreneurial?

Key Points:

  • ShinyHunters are using voice phishing attacks to target Salesforce CRM instances.
  • Companies like Qantas, Allianz Life, LVMH, and Adidas have been affected by these breaches.
  • The attacks involve impersonating IT support to gain unauthorized access.
  • ShinyHunters are attempting to extort companies privately, with no public data leaks reported yet.
  • Salesforce insists its platform isn’t compromised, urging customers to follow security best practices.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?