A notorious predominantly English -language hacking group has launched a website to squeeze its victims and threatens to release a billion records from companies that store their customers’ data in cloud databases hosted by Salesforce.
The loosely organized group, known as Lapsus $, spread Spider and Shinyhunters, has published a special data leak site on the Dark Web, called Scattered Lapsus $ hunters.
The website, noted for the first time by researchers of threats on Friday and seen by Techcrunch, is intended to put pressure on victims to pay the hackers to prevent their stolen data from being published online.
“Contact us to regain control of data management and to prevent the public disclosure of your data,” the site is. “Do not be the next head. All communication requires strict verification and will be treated with discretion.”
In recent weeks, the Shinyhunters gang has reportedly hacked dozens of high-profile companies by breaking into their cloud-based databases organized by Salesforce.
Insurance giant Allianz Life, Google, Fashion Conglomerate Kering, the airline Qantas, Carming Giant Stellantis, Credit Bureau Transunion and the working day of the Employee Management, including, have confirmed that their data has been stolen in these massive hacks.
The leks site of the hackers contains several alleged victims, including Fedex, Hulu (owned by Disney) and Toyota Motors, who did not respond to a request for comment on Friday.
It is not clear whether the companies that are known to have been hacked but are not mentioned on the leks site of the hacking group have paid a ransom to the hackers to prevent their data from being published. When he was reached by Techcrunch, a representative of Shinyhunters said: “There are many other companies that are not mentioned,” but refused to say why.
At the top of the site, the Hackers Salesforce mention and demand that the company negotiates a ransom, which otherwise ‘threatens all your customers’ [sic] Data is leaked. “The tone of the message suggests that Salesforce is not yet involved with the hackers.
A Salesforce spokesperson did not respond to the Techcrunch outreach or questions about the infringement.
For weeks, security researchers speculated that the group, which has taken away a public presence historically online, was planning to publish a data lecture website to extort its victims.
Historically, such websites are associated with foreign, often Russian-speaking, ransomware gangs. In recent years, these organized cyber crime groups have evolved from stealing, coding their victim’s data and then requesting a ransom for private life, to easily threaten to publish the stolen data online unless they are paid.
Updated with comments from Shinyhunters.
#Hacking #Group #claims #theft #billion #records #Salesforce #Customer #databases #Techcrunch