Salesforce Says It Won't Pay Extortion Demand in 1 Billion Records Breach (arstechnica.com)
- Reference: 0179717146
- News link: https://yro.slashdot.org/story/25/10/08/208202/salesforce-says-it-wont-pay-extortion-demand-in-1-billion-records-breach
- Source link: https://arstechnica.com/security/2025/10/salesforce-says-it-wont-pay-extortion-demand-in-1-billion-records-breach/
> The threat group making the demands began their campaign in May, when they made voice calls to organizations storing data on the Salesforce platform, Google-owned Mandiant said in June. The English-speaking callers would provide a pretense that necessitated the target connect an attacker-controlled app to their Salesforce portal. Amazingly -- but not surprisingly -- many of the people who received the calls complied.
>
> [...] Earlier this month, the group created a website that named Toyota, FedEx, and 37 other Salesforce customers whose data was stolen in the campaign. In all, the number of records recovered, Scattered LAPSUS$ Hunters claimed, was "989.45m/~1B+." The site called on Salesforce to begin negotiations for a ransom amount "or all your customers [sic] data will be leaked." The site went on to say: "Nobody else will have to pay us, if you pay, Salesforce, Inc." The site said the deadline for payment was Friday.
[1] https://arstechnica.com/security/2025/10/salesforce-says-it-wont-pay-extortion-demand-in-1-billion-records-breach/
Big deal (Score:4, Funny)
> stolen roughly 1 billion records
Based on the complexity of most Salesforce installations I've seen, the thieves should be paying Salesforce to help them interpret the garbage they've downloaded, not the other way around...
Re: (Score:1)
Thanks, I actually laughed out loud.
I don't see where Salesforce is at fault here (Score:2)
I don't see where Salesforce is at fault here.
"The English-speaking callers would provide a pretense that necessitated the target connect an attacker-controlled app to their Salesforce portal. Amazingly -- but not surprisingly -- many of the people who received the calls complied."
Sounds like end-user stupidity.
If I am storing my data on your server and I send you commands to download that data, that's the normal course of what you do for me.
If you're dumb enough to let hackers into your system to download
Re: (Score:2)
> I don't see where Salesforce is at fault here.
They're not.
> Sounds like end-user stupidity.
It was.
> Based on what I read here, Salesforce is on the side of the angels here.
Whoa, there.
On the side of the slower-growing cancers, for sure. Angels? No, sir.
Amazingly -- but not surprisingly (Score:2)
You can't claim to be amazed by something that isn't surprising.
Re: (Score:2)
It can be amazing when a Magician does a trick, but you shouldn't be surprised that a Magician is doing tricks.
Why are the bad guys winning? (Score:2)
Kind of a sincere question they I admit that I have a lot of theories about the answers...
Tease my biggest? Inability of the police to understand what's going on? Or maybe something about innovator's advantage to the crooks?
Related reading: How about Nexus by Harari?
Re: (Score:2)
*sigh*
FP haste makes waste.
s/they I admit/though I admit/
Re: (Score:3)
Because best IT practices often get set aside by management as an IT cost saving measure.
Re: (Score:2)
There it is.
Re: (Score:2)
When your front door can be accessed from a side street that no one knows the address of, it's semi-secure.
But when your front door is accessed by anyone with a computer half a world away, there will be aggressive knocking... All day every day.