Cybercrime Collective Threatens 760 Companies After Stealing 1.5 Billion Salesforce Records
A cybercrime collective, Scattered LAPSUS$ Hunters, has made waves in 2025 with a series of high-profile attacks, primarily targeting Salesforce and its clients. The group, a coalition of infamous hacking outfits, has not publicly attributed its coordination to any specific individuals. Despite their brief reemergence to threaten publishing stolen data, no clear leader has been identified.
In mid-2025, the collective claimed to have stolen a staggering 1.5 billion Salesforce records from 760 companies. They accomplished this by compromising OAuth tokens linked to third-party integrations, a tactic known as voice phishing or vishing. The group alleges that significant security lapses at Salesforce enabled them to compromise over 100 instances.
The victims are a who's who of global corporations, including Toyota Motor Corporation, FedEx, UPS, Adidas, Disney/Hulu, and McDonald's. Other notable names affected are Qantas, Aeroméxico, Vietnam Airlines, Stellantis, IKEA, KFC, GAP, and Canvas by Instructure. The group has set a ransom deadline of October 10, 2025, threatening to publish sensitive data and technical details if their demands are not met.
Scattered LAPSUS$ Hunters, a coalition of ShinyHunters, Scattered Spider, and Lapsus$, has emerged as a significant threat in 2025. Their focus on data theft and extortion, rather than traditional ransomware, has caused concern among businesses worldwide. Despite their high-profile attacks and threats, the coordination of the group remains unclaimed by any specific individuals.
Read also:
- Unveiling the Less-Discussed Disadvantages of Buds - Revealing the Silent Story
- "In a daring decision, Battlefield 6 forgoes ray tracing - understanding the advantages this choice brings"
- Dubai's WETEX 2023: Global Showcase for Clean Energy & Sustainability
- Nissan Bolsters Supply Chain Compliance with New Manager and Digital Tools
