Google: Hackers Steal 200 Company Data Stored Salesforce

Google found a Salesforce data leak (photo: dock. Salesforce)

JAKARTA Salesforce experienced data leaks after the hacker group managed to steal data through the Gainsight application. Based on Google's findings, this data theft is detrimental to hundreds of companies.

Google stated that this hacking case caused more than 200 companies to be stolen. This finding was conveyed by Austin Larsen, Head of Google Threat Intelligence Group Threat Analyst, as reported by TechCrunch.

Although underlined as a 'potentially affected' company, this data theft case remains relatively large-scale because it involves hundreds of companies. Google does not want to comment on the specific theft of victims' data.

Previously, when Salesforce revealed a data breach through Gainsight, the company did not disclose which company I was affected. However, there is a hacker group that claims responsibility for the hack.

The hacker, who calls himself Scattered Lapsus$ Hunters, shared evidence of the hack through their Telegram channel. The group includes a well-known hacker group like ShinyHunters.

The hackers say they are targeting many large companies. Some of the major companies claimed to have their internal data taken were Atlassian, CrowdStricte, Docusign, F5, GitLab, LinkedIn, Malwarebytes, SonicWall, Thomson Reuters, and Verizon.

Now, Gainsight is working with Google's incident response unit, Mandiant, to assist in the Salesforce investigation. While overcoming losses to this issue, Gainsight confirmed that this incident, "derived from an external connection to the app, not from within the Salesforce platform."

As a precautionary measure, Salesforce has also temporarily revoked active access tokens for apps connected to Gainsight. Salesforce is also informing customers whose data was stolen due to this incident.