Massive Cyber Extortion Leaks Millions of Customer Records via Salesforce Services

A cyber extortion attack exploiting Salesforce services has leaked millions of customer records, affecting multiple companies including Qantas, with ongoing investigations and warnings of further data exposure.

Key details

  • Millions of customer records leaked via a Salesforce cloud service hack by 'Scattered Lapsus$'
  • Qantas Airways confirms 5.7 million compromised records, excluding financial details
  • Other impacted firms include Vietnam Airlines, Albertsons, Gap, FujiFilm, and Engie Resources
  • Investigations target BreachForums, used by the hackers, with ongoing data leak threats

A major cyber extortion attack has led to the online leak of millions of customer records originating from compromised cloud services provided by the US technology company Salesforce. On October 10, the hacker group 'Scattered Lapsus$' publicly released the data on the dark web, affecting multiple companies, including well-known global enterprises. The incident represents a significant digital security challenge for businesses worldwide, including those in Germany that rely on Salesforce's platforms.

Among the affected companies, Australia's largest airline, Qantas Airways, confirmed the theft of 5.7 million customer records. The compromised data consists primarily of names, email addresses, and frequent flyer information, with no credit card or personal financial details involved. Other corporations impacted in the initial wave of data releases include Vietnam Airlines, Albertsons, Gap, FujiFilm, and Engie Resources. The hacker group has threatened to release further datasets if ransom demands are not met, potentially impacting up to 40 additional companies.

This cyber extortion operation is under investigation by the US FBI and the French cybercrime unit BL2C, focusing on BreachForums, the platform the hackers used to distribute stolen data and facilitate extortion. Although the Clearnet version of BreachForums is being probed, its Onion network version continues to distribute data and enable the attackers' operations.

This large-scale data breach comes against a backdrop of rapidly increasing data volumes in companies, which pose significant risks without robust data strategies and infrastructure investments. German companies, in particular, face challenges in managing the exponential data growth driven by digital services and real-time processing demands. Industry experts stress that investments in scalable and secure data architectures, integration of Artificial Intelligence for efficient data handling, and comprehensive data governance are crucial to mitigate the vulnerabilities exposed by such cyberattacks.

The unfolding situation highlights glaring vulnerabilities associated with massive data accumulation and cloud dependence, underlining the urgent need for enterprises globally to bolster their cyber defenses, implement strategic data management frameworks, and prepare for further repercussions from evolving extortion threats.
