ShinyHunters claims it's behind ongoing Salesforce Aura data theft assault
- ShinyHunters claims responsibility for ongoing Salesforce Aura data theft affecting about 100 high-profile organizations.
- Attackers allegedly scanned public Salesforce Experience Cloud portals starting in September 2025 using a modified AuraInspector tool.
- The group allegedly bypassed guest user limits and extracted Salesforce CRM data without authentication.
- Stolen data, including names and phone numbers, was used for follow-on social engineering and voice phishing campaigns.
- Salesforce warned customers about a known threat actor actively scanning public-facing Experience Cloud sites.
- TechRadar notes that LastPass is among the named companies under investigation in connection with the claims.
- Salesforce stated the issue involved misconfigured guest access rather than a platform vulnerability.
- According to the report, the attackers used a custom tool to exploit guest access for data theft.
- The article includes statements from a TechRadar Pro source and references The Register for confirmation.
- Salesforce did not disclose how many companies were victims or the amount of data stolen.
- TechRadar emphasizes the breach stemmed from misconfigurations, not a Salesforce flaw.
