Salesforce Customer Data Leaked in Massive Extortion Plot

Cyber Security News by CyberSum.net

Published on October 3, 2025 at 06:00 PM

4 sources

A hacking collective known as Scattered LAPSUS$ Hunters has launched a data leak site to extort dozens of companies. The group is threatening to release approximately one billion records stolen from victims' Salesforce instances if ransoms are not paid. High-profile organizations are listed on the site with samples of their stolen data, which includes sensitive customer and employee information. The threat actors are also pressuring Salesforce directly to pay a ransom to prevent the data of all its affected customers from being leaked. While the attacks targeted individual customer accounts, the cloud service provider states its core platform was not compromised.

Also Read

WhatsApp Malware Spreads Rapidly on Windows Systems

A new self-propagating malware, codenamed SORVEPOTEL, is targeting users through the popular messaging app WhatsApp. The campaign spreads via phishing messages containing malicious ZIP files, primarily affecting Windows systems in a specific country. Engineered for rapid propagation rather than data theft, the malware hijacks the desktop version of WhatsApp to spam all of the user's contacts and groups. This automated spreading often results in the compromised account being banned for violating the platform's terms of service. The attack begins with a message from an already compromised contact, lending it credibility to trick users into opening the malicious attachment.

By Cyber Security News by CyberSum.netOctober 3, 2025 at 06:00 PM