Slashdot: Salesforce Says It Won’t Pay Extortion Demand in 1 Billion Records Breach

Source URL: https://yro.slashdot.org/story/25/10/08/208202/salesforce-says-it-wont-pay-extortion-demand-in-1-billion-records-breach?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot

Summary: Salesforce is facing an extortion demand from a crime syndicate that claims to have stolen approximately 1 billion records from various customers, highlighting vulnerabilities in user compliance and security practices. This incident underscores significant risks associated with data security and customer reliance on platforms such as Salesforce.

Detailed Description: The incident involving Salesforce is a critical case study in information security and compliance, particularly in the risks faced by organizations that use cloud-based platforms. Notable points include:

* **Extent of Data Theft**: The crime syndicate, referred to as “Scattered LAPSUS$ Hunters,” claims to have captured roughly 1 billion records from many Salesforce customers. This demonstrates a significant risk associated with data exposure in cloud environments.

* **Threat Tactics**: The attackers initiated their campaign by making voice calls to organizations, successfully convincing some individuals to connect an attacker-controlled app to their Salesforce portal. This incident reveals the effectiveness of social engineering tactics in breaching security protocols.

* **Public Disclosure and Pressure Tactics**: The attackers created a website listing prominent clients like Toyota and FedEx, claiming their data was compromised. The website’s demand for ransom payment, coupled with threats of data leaks, represents a new wave of cyber-extortion tactics targeting major corporations.

* **Compliance and Governance Implications**: Organizations operating within regulatory frameworks may face severe repercussions if customer data is compromised. The refusal by Salesforce to pay the extortion demand raises questions about ethical considerations in cybersecurity and the impact on customer trust and compliance obligations.

* **Call to Action**: This event serves as a wake-up call for organizations to enhance their security awareness and practices, particularly regarding employee training on recognizing social engineering attempts and ensuring robust security measures to prevent unauthorized access.

* **Strategic Recommendations**:
  * **Implement Employee Training**: Regular training sessions should be conducted to help employees recognize social engineering techniques.
  * **Enhance Data Encryption**: Ensure that sensitive data is encrypted both at rest and in transit to mitigate risks associated with data exposure.
  * **Adopt Zero Trust Architecture**: Organizations should consider implementing a Zero Trust model to continuously verify users and devices attempting to access sensitive systems.

Overall, this incident emphasizes the critical need for robust security measures, effective incident response plans, and ongoing vigilance in protecting sensitive data within cloud environments.