ShinyHunters Wage Broad Corporate Extortion Spree - A cybercriminal group that used voice phishing attacks to siphon more than a billion reco... https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/ #scatteredlapsus$hunters #oraclee-businesssuite #crimsoncollective #neer-do-wellnews #alittlesunshine #charlescarmakal #latestwarnings #thecomingstorm #cve-2025-61882 #austinlarsen #shinyhunters #ransomware #salesforce #salesloft #asyncrat #unc6040 #unc6395

#RedHat #DataBreach escalates as #ShinyHunters joins extortion

https://www.bleepingcomputer.com/news/security/red-hat-data-breach-escalates-as-shinyhunters-joins-extortion/

ShinyHunters Wage Broad Corporate Extortion Spree

https://krebsonsecurity.com/2025/10/shinyhunters-wage-broad-corporate-extortion-spree/

#ScatteredLAPSUS$Hunters #OracleE-BusinessSuite #Ne'er-Do-WellNews #CharlesCarmichael #CrimsonCollective #ALittleSunshine #LatestWarnings #TheComingStorm #CVE-2025-61882 #AustinLarsen #ShinyHunters #Ransomware #Salesforce #Salesloft #ASYNCRAT #UNC6040 #UNC6395

#ShinyHunters launches #Salesforce data leak site to extort 39 victims

https://www.bleepingcomputer.com/news/security/shinyhunters-starts-leaking-data-stolen-in-salesforce-attacks/

NEW: Scattered LAPSUS$ Hunters have launched a leak site claiming a massive #Salesforce breach and stolen 1 Billion records from 39 high-profile companies around the world.

Full details: https://hackread.com/scattered-lapsus-hunters-salesforce-breach/

Scattered LAPSUS$ Hunters Launches Data Leak Site to Extort Salesforce Victims https://thecyberexpress.com/scattered-lapsus-hunters-salesforce-victims/ #ScatteredLapSusHunters #TheCyberExpressNews #ThreatIntelligence #cybersecuritynews #ScatteredSpider #TheCyberExpress #databreachnews #FirewallDaily #cybersecurity #cyberattacks #ShinyHunters #cybercrime #Salesforce #CyberNews #Salesloft #Dataleak #lapsus$

#Scattered #Spider, #ShinyHunters Restructure - New Attacks Underway 
https://securityaffairs.com/182799/cyber-crime/scattered-spider-shinyhunters-restructure-new-attacks-underway.html
#securityaffairs #hacking

Hacker behaupten: "Wir haben 1,5 Milliarden #Salesforce-Datensätze" - inside-it[.]ch https://www.inside-it.ch/hacker-behaupten-wir-haben-1%252C5-milliarden-salesforce-datensaetze-20250919 #Shinyhunters #SocialEngineering #ScatteredSpiders #UNC6040 #UNC6395 #Hacking #Datenschutz #privacy #DataLeak #Datenleck

NEW: Stellantis detects breach at third-party provider for North American customers (1 -- ShinyHunters claims responsibility)

https://databreaches.net/2025/09/22/stellantis-detects-breach-at-third-party-provider-for-north-american-customers/

#ShinyHunters claims 1.5 billion #Salesforce records stolen in #Drift hacks

https://www.bleepingcomputer.com/news/security/shinyhunters-claims-15-billion-salesforce-records-stolen-in-drift-hacks/

Latest issue of my curated #cybersecurity and #infosec list of resources for week #38/2025 is out!

→ It includes the following and much more:

#ShinyHunters claims 1.5 billion #Salesforce records stolen in Drift hacks;

Jaguar Land Rover has extended its production shutdown by a week;

Kering, which owns #Gucci, #Balenciaga and other luxury brands, confirmed a #databreach;

"Pompompurin" was resentenced to three years in prison;

Self-replicating worm named "Shai-Hulud" infected at least 187 JavaScript packages on #NPM;

Salesforce launches ‘Missonforce’, a national security-focused business unit;

NEVER MISS my curations and updates on information security and cybersecurity news and challenges Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end

https://infosec-mashup.santolaria.net/p/infosec-mashup-38-2025

NEW: When “Goodbye” isn’t the end: Scattered LAPSUS$ Hunters hack on

Others seem to have interpreted their "goodbye" message differently than I had. Were they lying or did people just not understand a significant statement in their message?

And while headlines focus on them hitting a bank, I think we need to take a closer look at their attacks on the aviation sector.

https://databreaches.net/2025/09/21/when-goodbye-isnt-the-end-scattered-lapsus-hunters-hack-on/

#databreach #ScatteredSpider #ShinyHunters #LAPSUS$ #CollinsAerospace #airlines #airports

Key Scattered LAPSUS$ Hunters Hacker Arrested in UK https://thecyberexpress.com/scattered-lapsus-hunters-hacker-arrested-in-uk/ #ScatteredLapSusHunters #TheCyberExpressNews #ScatteredSpider #TheCyberExpress #FirewallDaily #ShinyHunters #ThalhaJubair #cybercrime #CyberNews #lapsus$ #TheCom

NEW: Tiffany discloses data breach involving gift cards -- second breach disclosure in recent months:

https://databreaches.net/2025/09/17/tiffany-discloses-data-breach-involving-gift-cards-second-breach-disclosure-in-recent-months/

So many news reports have repeated the BBC's mistaken estimate about the number of customers affected by the Kering data breaches. So...

No, folks, it's not 7.4 million affected or fewer. It's a lot more because the BBC's estimate was based on just the second and smaller breach (Balenciaga, Brioni, and Alexander McQueen), and not the Gucci data which allegedly has more than 43 million records. Even assuming repeat customers are in there, there are likely a lot of unique customers in the Gucci data.

If we use the same percent based on 7.4 million out of almost 13 million recordsin the second data set, then that would yield 24-25 million unique email addresses for the Gucci data set, for an estimated total of more than 31 million customers all told.

I didn't estimate the number of unique customers in my reporting because it's too sloppy. But it's highly unlikely to be 7.4 million or fewer as BBC reported.

#Kering #Gucci #Balenciaga #Brioni #AlexanderMcQueen #databreach #Salesforce #ShinyHunters #UNC6040 #incidentresponse #transparency

My reports:
https://databreaches.net/2025/09/11/exclusive-high-end-fashion-retailers-gucci-balenciaga-brion-and-alexander-mcqueen-hit-by-salesforce-attacks/

https://databreaches.net/2025/09/15/update-kering-confirms-gucci-and-other-brands-hacked-claims-no-conversations-with-hackers/

@euroinfosec @zackwhittaker

Last week, I broke the story about Gucci and other Kering brands being hacked by ShinyHunters as part of the Salesforce campaign. In my reporting, I included chat logs and other exclusive details. You can read my original reporting here: https://databreaches.net/2025/09/11/exclusive-high-end-fashion-retailers-gucci-balenciaga-brion-and-alexander-mcqueen-hit-by-salesforce-attacks/

There is now an update that refutes Kering's reported claim today that they didn't have any conversations with the hackers. I also highlight their failures to be more transparent about the incidents:
https://databreaches.net/2025/09/15/update-kering-confirms-gucci-and-other-brands-hacked-claims-no-conversations-with-hackers/

Cyberkriminelle: "Scattered Lapsus$ Hunters" haben keine Lust mehr | heise online https://www.heise.de/news/Cybergang-Scattered-Lapsus-Hunters-kuendigt-Abschied-an-ein-bisschen-10643212.html #CyberCrime #Malware #SocialEngineering #Ransomware #Lapsus #ShinyHunters #ScatteredLapsusHunters

#ShinyHunters Attack National Credit Information Center of Vietnam
https://securityaffairs.com/182189/cyber-crime/shinyhunters-attack-national-credit-information-center-of-vietnam.html
#securityaffairs #hacking

I recently reported on a claimed hack of the Credit Institute of Vietnam, which manages the country's state-run National Credit Information Center. The hack allegedly affects almost the entire population of the country.

Now the Vietnam Cyber Emergency Response Center (VNCERT) has confirmed there has been a breach and its scope is being investigated.

My post: https://databreaches.net/2025/09/08/vietnams-national-credit-registration-and-reporting-agency-hacked-most-of-the-population-affected/

Update from VietNam News: https://vietnamnews.vn/economy/1725079/national-credit-info-centre-hacked-personal-data-at-risk.html