The group, known as Lapsus$, Scattered Spider and ShinyHunters, created a dark web site called Scattered LAPSUS$ Hunters, which pressures victims to pay the hackers to prevent their stolen data from being published.
According to reports, the hackers demand that Salesforce negotiate a ransom, warning, “all your customers data will be leaked.”
In a statement posted on its website, the technology giant revealed it is “aware of recent extortion attempts by threat actors”, which it has investigated in partnership with external experts and authorities.
“Our findings indicate these attempts relate to past or unsubstantiated incidents, and we remain engaged with affected customers to provide support. At this time, there is no indication that the Salesforce platform has been compromised, nor is this activity related to any known vulnerability in our technology.
“We understand how concerning these situations can be. Protecting customer environments and data remains our top priority, and our security teams are fully engaged to provide guidance and support. As we continue to monitor the situation, we encourage customers to remain vigilant against phishing and social engineering attempts, which remain common tactics for threat actors.”
However, Salesforce is not the only technology giant to have suffered a cyberattack this year.
