Breach Details and Impact
A convenience store industry giant has confirmed a security incident affecting a significant number of individuals. The breach, which occurred in early April, involved unauthorized access to systems storing franchisee documents. The company disclosed the incident to affected customers on May 1, though it initially did not specify the total number of impacted individuals.
The ShinyHunters extortion group later claimed responsibility, stating they had stolen over 600,000 records from the company’s Salesforce environment. After the organization declined to pay a ransom, the group published a 9.4GB archive of documents on their dark web leak site. Analysis by data breach notification service Have I Been Pwned revealed that the exposed data includes names, dates of birth, email addresses, phone numbers, and physical addresses for approximately 185,300 individuals.
Broader Campaign Targeting Salesforce Customers
ShinyHunters has been actively targeting Salesforce customers for the past year, claiming responsibility for numerous high profile breaches. Their known victims span multiple industries and include a European Commission entity, a major video sharing service, prominent fashion retailers, an educational technology giant, a home security provider, and several technology companies.
This pattern of attacks underscores a persistent threat targeting cloud based customer relationship management platforms. Law enforcement agencies have previously advised victims not to pay ransoms, warning that doing so does not prevent threat actors from attempting to sell stolen data or extort victims again.
Source: BleepingComputer
