Search Results: DataExtortion

The notorious ShinyHunters collective has launched a public extortion portal leaking stolen Salesforce data from companies including Google, FedEx, and Marriott. Threat actors demand ransoms under threat of full data exposure by October 10, while separately pressuring Salesforce to pay for global customer protection. This coordinated campaign exploits voice phishing and OAuth vulnerabilities, impacting billions of records across major corporations.

French luxury giant Chanel confirms its US customer contact data was stolen, becoming the latest high-profile victim in a relentless wave of attacks targeting Salesforce instances. The ShinyHunters extortion group is exploiting employee vishing attacks to compromise credentials or install malicious OAuth apps, bypassing platform security. This breach underscores a critical vulnerability in cloud service dependencies: the human element.

Dell confirmed that the newly rebranded World Leaks extortion group breached its isolated Customer Solution Centers platform, designed for product demos. While attackers stole data, Dell asserts it was primarily synthetic test information with minimal outdated legitimate content. The incident highlights the evolving threat landscape as ransomware groups pivot toward pure data extortion tactics targeting secondary systems.