Salesforce hackers demand $1B ransom

A hacking group calling itself Scattered Lapsus$ Hunters claims to have stolen over one billion records from customers’ Salesforce databases—not by attacking Salesforce itself, but by exploiting third-party integrations (notably Salesloft’s Drift) and leveraging OAuth/refresh token access.

The hackers say these integrations gave them the ability to pull data via Salesforce APIs. The breach reportedly exposed sensitive customer and case data from many well-known companies. Their monetary demands are striking as well.

The group is demanding nearly US $1 billion in ransom to avoid publicly releasing the stolen data. They have launched a dark-web extortion portal and given victims until Friday, October 10, 2025, to begin negotiations.

While Salesforce insists its core platform was not directly compromised and says it won’t pay the ransom, the episode highlights increasing risks in software supply chains, token security, and third-party integrations—especially in cloud environments.

Source: Hackers Claim 1B Salesforce Records Stolen, Demand $1B Ransom