**Nearly 1 Billion Salesforce Customer Records Stolen, Hackers Claim**
*By Dwaipayan Roy | October 4, 2025, 12:08 PM*
A notorious hacking coalition known as Scattered Lapsus$ Hunters has claimed responsibility for stealing close to one billion customer records from companies using Salesforce’s cloud databases. This group is a fusion of members from the well-known hacking collectives Scattered Spider, Lapsus$, and ShinyHunters.
### The Breach and Ransom Demand
The hackers allegedly infiltrated the cloud databases of multiple companies operating on the Salesforce platform and exfiltrated vast amounts of customer data. To exert pressure, Scattered Lapsus$ Hunters established a dark web site listing the breached companies. The site demands that these organizations “contact us to regain control and prevent public disclosure of your data,” a common extortion tactic where hackers seek ransom payments to withhold stolen information.
### Previous Activities and Coordination
This hacking group has been linked to a now-banned Telegram channel used to coordinate threats and tease upcoming data leaks. They have reportedly collaborated on several high-profile cyberattacks, including these recent Salesforce database breaches.
### Impact and Data Exposure
Several affected companies have publicly confirmed that sensitive customer information was compromised:
– **Allianz Life**, an insurance firm, confirmed a breach impacting approximately 1.4 million U.S. customers, with stolen data including Social Security numbers.
– **TransUnion**, a major credit bureau, reported that the names and Social Security numbers of 4.4 million customers were exposed.
– Other firms such as luxury conglomerate **Kering** and airline **Qantas** have acknowledged breaches but have yet to provide further details on the extent of information stolen.
### Salesforce’s Response
Salesforce has denied that its platform itself was compromised in these attacks. The company stated that it is actively working with the affected organizations to offer support and assistance. Nevertheless, the hackers explicitly named Salesforce on their leak site, demanding negotiations under the threat of releasing “all your customers’ data.”
As investigations continue, companies leveraging Salesforce’s cloud services are urged to review their security protocols and stay alert to potential threats.
—
*We will update this story as more information becomes available.*
https://www.newsbytesapp.com/news/science/salesforce-might-have-suffered-a-major-data-breach/story