A notorious hacking collective, identified as Lapsus$/Scattered Spider/ShinyHunters, has launched a dark web extortion site, "Scattered LAPSUS$ Hunters," threatening to release approximately one billion customer records stolen from companies utilizing Salesforce cloud databases. Confirmed victims include Allianz Life, Google, TransUnion, and Workday, with FedEx, Hulu, and Toyota also listed by the hackers. The group is directly pressuring Salesforce to negotiate a ransom, warning that failure to comply will result in a mass data leak, underscoring significant data security vulnerabilities for enterprises relying on major cloud platforms and highlighting a growing trend in cyber extortion tactics towards direct data publication threats.
A significant cybersecurity event is unfolding as a hacking collective, identified as Lapsus$/Scattered Spider/ShinyHunters, has launched a direct extortion campaign targeting Salesforce (CRM) and its enterprise customers. The group is threatening to publish approximately one billion stolen customer records on a dedicated dark web site unless a ransom is paid, specifically demanding that Salesforce itself negotiate a payment. The severity of this breach is underscored by the high-profile nature of the confirmed victims, including Alphabet (GOOGL), TransUnion (TRU), and Workday (WDAY), which highlights a critical vulnerability in Salesforce's cloud database infrastructure. This incident, reflected in the extremely negative sentiment score (-0.9) for CRM and high market impact score (0.8), poses a substantial threat of reputational damage, customer churn, and significant legal and remediation costs. The lack of an official response from Salesforce introduces considerable uncertainty and heightens investor concern regarding the company's containment strategy and the full scope of the data compromise.
AI-powered research, real-time alerts, and portfolio analytics for institutional investors.
Request a DemoOverall Sentiment
extremely negative
Sentiment Score
-0.90
Ticker Sentiment
