Only days ago, a message on the BreachForums extortion site threatened to leak one billion records allegedly stolen from the Salesforce systems of 39 of the largest companies in the world, including Disney, Toyota, Adidas, McDonalds, IKEA, and Home Depot.
It was a threat that the criminals behind the site, a super-alliance of the ShinyHunters, Scattered Spider, and LAPSUS$ ransomware groups known as Scattered Lapsus$ Hunters, vowed to carry out via its dark web and Clearnet sites if Salesforce did not pay a ransom by 11.59 p.m. EST on October 10.
“If Salesforce does not engage with us to resolve this, we will completely target each and every indiviual [sic] customers of theirs listed below, failure to comply will result in massive consequences,” said a message on the original leak site.
