Salesforce-linked data breach claims 200+ victims, has ShinyHunters’ fingerprints all over it

Joseph K
1 day ago
1 min read

Salesforce has disclosed another third-party breach in which criminals - likely ShinyHunters (again) - may have accessed hundreds of its customers' data.

This time, the suspicious activity involves Gainsight-published applications connected to Salesforce, which are installed and managed directly by customers.

“This activity is likely related to UNC6240 (aka ShinyHunters),” Google Threat Intelligence Group’s principal analyst Austin Larsen told The Register, adding that the threat hunters are “aware of more than 200 potentially affected Salesforce instances.”

https://www.theregister.com/2025/11/20/salesforce_gainsight_breach/

Salesforce-linked data breach claims 200+ victims, has ShinyHunters’ fingerprints all over it

Comments

Recent Posts

Salesforce: Approaching Sustainability in the Age of AI

Salesforce says some of its customers’ data was accessed after Gainsight breach

Salesforce launches deep observability tools for agentic AI

Salesforce-linked data breach claims 200+ victims, has ShinyHunters’ fingerprints all over it

Will Salesforce’s Informatica Acquisition Make Agentforce Unstoppable?

Get In Touch

Headquarters

Seoul Office