The hackers behind devastating cyber attacks on Marks & Spencer and Jaguar earlier this year claimed to have stolen up to 1 billion customer records from 39 major companies.
The group, which goes by the name of Lapsus$ hunters – an alliance of Scattered Spider, Lapsus$ and ShinyHunters – has set a deadline of October 10 for a ransom to be paid, or else the data will be released.
According to the cybercriminals, the companies include Disney, FedEx, Google, IKEA, McDonald’s, Toyota and Qantas Airways.
The data was taken from systems hosted by Salesforce, with the hackers claiming the software giant acted with “criminal negligence” by failing to block the intrusion.
Salesforce claims its platform has not been compromised, blaming the breaches on social engineering attacks on individual companies using its platform rather than technical vulnerabilities.
“We are aware of recent extortion attempts by threat actors, which we have investigated in partnership with external experts and authorities,” a spokesperson for the company told the Independent.
“Our findings indicate that these efforts are related to past or unrelated incidents, and we remain engaged with affected customers to provide support. At this time, there is no indication that the Salesforce platform has been compromised, nor is this activity related to any known vulnerabilities in our technology.”
Social engineering attacks involve tricking individuals within a company or organization into revealing confidential information such as login access to computing systems.
They may include phone calls or emails purporting to be from IT support, which manipulate the target into divulging sensitive information.

The hacking group shared what it claimed to be samples of the stolen data on its Telegram page, having collected it during a month-long social engineering campaign against the firms.
Google, which was one of the victims, explained the methodology of the attack in a detailed blog post in August.
“Over the past several months, [the hacking group] repeatedly demonstrated success in breaching networks by engaging IT support personnel in convincing their operators to engage in telephone-based social engineering engagement,” the post said.
“This approach has proven particularly effective in tricking employees, often within English-speaking branches of multinational corporations, into actions that lead attackers to access or share sensitive credentials, ultimately facilitating the theft of the organization’s Salesforce data.”
The Scattered Spider hackers rose to prominence in 2022 after a string of high-profile attacks on telecommunications companies before turning their attention to other industries spanning finance, gaming, hospitality and retail.
It is estimated that they have caused hundreds of millions of pounds of damage to victims, including M&S and Co-op in the UK.
A profile compiled by cyber security consultancy firm S-RM described them as “a set of predominantly native English-speaking cybercriminals—some as young as 16—who have emerged from a set of underground hacking groups”.
The report, shared with the Independent, also noted that the group could “convince helpdesk staff to quickly reset employees’ accounts,” while breaching the network by purchasing account access information from initial access brokers on the dark web.