Channels

Sticky Video Player with Ad Breaks
📺 WATCH US NOW!

ShinyHunters hackers ransom 1 billion Salesforce records on the dark web, report says

October 3, 2025

Does your company use Salesforce? A hacker group may very well have stolen your data. Or, at the very least, they want you to think so.

On Friday, cybersecurity researchers discovered a website on the dark web that is attempting to extort victims of a major Salesforce data breach. According to TechCrunch, which first reported the story, hackers claim that roughly one billion customer records have been stolen in recent weeks from companies that use Salesforce.

The data includes records of each companies’ own customers, which are stored in cloud databases run by Salesforce, a company known for its cloud-based business software.

The hackers’ website lists numerous companies that they say have been victimized by this breach, including FedEx, Toyota, and Disney Hulu. Some companies, such as Google and credit report company TransUnion, have confirmed that their data was recently stolen in a Salesforce breach; however, they do not appear on the ransom website, for reasons unknown.

The hackers behind the website have previously gone by names such as Scattered Spider, ShinyHunters, and Lapsus$. The dark web site that has published the leak is called Scattered LAPSUS$ Hunters.

Mashable has previously reported on this hacker collective. The group has taken responsibility for numerous high-profile hacks in recent years, including the Ticketmaster breach and the AT&T data leak. The group’s targets range from major airlines to the video game makers behind Grand Theft Auto.

“Contact us to regain control on data governance and prevent public disclosure of your data,” the hackers’ dark web site says, per Tech Crunch. “Do not be the next headline. All communications demand strict verification and will be handled with discretion.”

The hacker group appears to be trying to extort Salesforce directly. The group is threatening to release the company’s customers’ data if Salesforce doesn’t pay a ransom.

In response, Salesforce put out a security advisory on its website titled “Ongoing Response to Social Engineering Threats”:

We are aware of recent extortion attempts by threat actors, which we have investigated in partnership with external experts and authorities. Our findings indicate these attempts relate to past or unsubstantiated incidents, and we remain engaged with affected customers to provide support. At this time, there is no indication that the Salesforce platform has been compromised, nor is this activity related to any known vulnerability in our technology. 

We understand how concerning these situations can be. Protecting customer environments and data remains our top priority, and our security teams are fully engaged to provide guidance and support. As we continue to monitor the situation, we encourage customers to remain vigilant against phishing and social engineering attempts, which remain common tactics for threat actors.

Content Accuracy: Keewee.News provides news, lifestyle, and cultural content for informational purposes only. Some content is generated or assisted by AI and may contain inaccuracies, errors, or omissions. Readers are responsible for verifying the information. Third-Party Content: We aggregate articles, images, and videos from external sources. All rights to third-party content remain with their respective owners. Keewee.News does not claim ownership or responsibility for third-party materials. Affiliate Advertising: Some content may include affiliate links or sponsored placements. We may earn commissions from purchases made through these links, but we do not guarantee product claims. Age Restrictions: Our content is intended for viewers 21 years and older where applicable. Viewer discretion is advised. Limitation of Liability: By using Keewee.News, you agree that we are not liable for any losses, damages, or claims arising from the content, including AI-generated or third-party material. DMCA & Copyright: If you believe your copyrighted work has been used without permission, contact us at dcma@keewee.news. No Mass Arbitration: Users agree that any disputes will not involve mass or class arbitration; all claims must be individual.

Related Posts

The Apple AirPods 4 are still chilling at a record-low post-Prime Day
The Apple AirPods 4 are still chilling at a record-low $89 post-P ...
October 10, 2025
Microsoft Word will now automatically save your docs in the cloud
Microsoft Word will now automatically save your docs in the cloud
October 10, 2025
Set and forget your homes temperature with off the Google Nest Thermostat
Set and forget your homes temperature with $38 off the Google Nes ...
October 10, 2025

Sponsored Advertisement